urlscan.io logo urlscan.io
SecurityTrails logo

www.medlife.com Open in urlscan Pro
15.207.64.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u13717896.ct.sendgrid.net/ls/click?upn=0zzXSI3xZ4PxB4xMVIYKU-2FS2yUcdeOT-2FRc4SzqwQ49CGZ5ZX2Q21L-2Fpw5n3GaqsS-2FwTkHQlE1Bk...
Effective URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Coll...
Submission: On October 08 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 7 countries across 32 domains to perform 79 HTTP transactions. The main IP is 15.207.64.228, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is www.medlife.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 4th 2019. Valid for: 2 years.
This is the only time www.medlife.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
1 1 52.19.89.221 16509 (AMAZON-02)
1 1 52.49.224.198 16509 (AMAZON-02)
15 15.207.64.228 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 13.126.167.43 16509 (AMAZON-02)
2 143.204.201.101 16509 (AMAZON-02)
4 99.86.243.27 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.84.112.121 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.162 15169 (GOOGLE)
1 2600:9000:203... 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 2 216.58.207.70 15169 (GOOGLE)
1 151.101.113.2 54113 (FASTLY)
1 3 185.33.221.91 29990 (ASN-APPNEX)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 99.86.7.16 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 182.161.73.211 55569 (CRITEO-AS...)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
1 3.217.219.88 14618 (AMAZON-AES)
2 184.31.90.174 20940 (AKAMAI-ASN1)
1 104.103.78.138 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 5 185.31.128.128 54312 (ROCKETFUEL)
1 1 142.250.74.194 15169 (GOOGLE)
1 69.173.144.165 26667 (RUBICONPR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 52.72.30.132 14618 (AMAZON-AES)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 82.199.68.73 15830 (EQUINIX-C...)
2 13.234.2.118 16509 (AMAZON-02)
79 38
1    167.89.123.16 (United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x16.outbound-mail.sendgrid.net
u13717896.ct.sendgrid.net
1    52.19.89.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-89-221.eu-west-1.compute.amazonaws.com
wizrocketmail.net
1    52.49.224.198 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-224-198.eu-west-1.compute.amazonaws.com
medlife-app.onelink.me
15    15.207.64.228 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
www.medlife.com
3    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    13.126.167.43 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-126-167-43.ap-south-1.compute.amazonaws.com
rest.medlife.com
2    143.204.201.101 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-101.fra53.r.cloudfront.net
api-gateway.medlife.com
4    99.86.243.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-27.vie50.r.cloudfront.net
cdn.medlife.com
1    2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.84.112.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-112-121.sof50.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6812:1c93 (United States)

ASN13335 (CLOUDFLARENET, US)
ssl.widgets.webengage.com
4    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com
1    2600:9000:203c:600:8:cf94:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
zc2ab281a.webengage.co
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    216.58.207.70 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f6.1e100.net
9217966.fls.doubleclick.net
1    151.101.113.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
a.quora.com
3    185.33.221.91 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
cm.g.doubleclick.net
1    99.86.7.16 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-16.fra6.r.cloudfront.net
wzrkt.com
2    2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    182.161.73.211 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
widget.as.criteo.com
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    3.217.219.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-219-88.compute-1.amazonaws.com
q.quora.com
2    184.31.90.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com
secure-ds.serving-sys.com
1    104.103.78.138 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-78-138.deploy.static.akamaitechnologies.com
c1.rfihub.net
1    2606:4700:3030::681f:5dcb (United States)

ASN13335 (CLOUDFLARENET, US)
www.mainadv.com
5    185.31.128.128 (Netherlands)

ASN54312 (ROCKETFUEL, US)
20801288p.rfihub.com
a.rfihub.com
20817756p.rfihub.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2606:4700:3031::681b:9c5e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.mndtrk.com
3    52.72.30.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-30-132.compute-1.amazonaws.com
c.webengage.com
1    2606:4700:10::6814:786b (United States)

ASN13335 (CLOUDFLARENET, US)
ck.solocpm.com
1    82.199.68.73 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)
bs.serving-sys.com
2    13.234.2.118 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-234-2-118.ap-south-1.compute.amazonaws.com
rest-lang-service.medlife.com
Apex Domain
Subdomains		 Transfer
25 medlife.com
www.medlife.com
rest.medlife.com
api-gateway.medlife.com
cdn.medlife.com
rest-lang-service.medlife.com
4 MB
6 doubleclick.net
9217966.fls.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
5 KB
5 rfihub.com
20801288p.rfihub.com
a.rfihub.com
20817756p.rfihub.com
3 KB
4 gstatic.com
fonts.gstatic.com
38 KB
4 webengage.com
ssl.widgets.webengage.com
c.webengage.com
59 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
17 KB
3 criteo.com
sslwidget.criteo.com
widget.as.criteo.com
gum.criteo.com
2 KB
3 adnxs.com
secure.adnxs.com
3 KB
3 googletagmanager.com
www.googletagmanager.com
135 KB
3 facebook.net
connect.facebook.net
96 KB
3 googleapis.com
fonts.googleapis.com
2 KB
2 google.de
www.google.de
214 B
2 google.com
www.google.com
433 B
2 cloudflare.com
cdnjs.cloudflare.com
1 KB
2 facebook.com
www.facebook.com
405 B
2 quora.com
a.quora.com
q.quora.com
14 KB
2 bing.com
bat.bing.com
9 KB
1 solocpm.com
ck.solocpm.com
1 mndtrk.com
cdn.mndtrk.com
2 KB
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 mainadv.com
www.mainadv.com
4 KB
1 rfihub.net
c1.rfihub.net
7 KB
1 wzrkt.com
wzrkt.com
869 B
1 criteo.net
static.criteo.net
12 KB
1 webengage.co
zc2ab281a.webengage.co
1 googleadservices.com
www.googleadservices.com
11 KB
1 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
15 KB
1 google-analytics.com
www.google-analytics.com
18 KB
1 onelink.me
medlife-app.onelink.me
554 B
1 wizrocketmail.net
wizrocketmail.net
124 B
1 sendgrid.net
u13717896.ct.sendgrid.net
556 B
0 rtmarks.net Failed
my.rtmarks.net Failed
79 32
Domain Requested by
15 www.medlife.com www.medlife.com
4 fonts.gstatic.com fonts.googleapis.com
4 cdn.medlife.com www.medlife.com
3 c.webengage.com ssl.widgets.webengage.com
3 a.rfihub.com 1 redirects c1.rfihub.net
3 secure.adnxs.com 1 redirects www.medlife.com
www.googletagmanager.com
3 www.googletagmanager.com www.medlife.com
www.googletagmanager.com
3 connect.facebook.net www.medlife.com
connect.facebook.net
3 fonts.googleapis.com www.medlife.com
2 rest-lang-service.medlife.com www.medlife.com
2 cm.g.doubleclick.net 2 redirects
2 secure-ds.serving-sys.com www.medlife.com
secure-ds.serving-sys.com
2 www.google.de www.medlife.com
2 www.google.com www.medlife.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 cdnjs.cloudflare.com www.medlife.com
2 www.facebook.com www.medlife.com
2 9217966.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 bat.bing.com www.googletagmanager.com
www.medlife.com
2 api-gateway.medlife.com www.medlife.com
2 rest.medlife.com www.medlife.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 ck.solocpm.com cdn.mndtrk.com
1 20817756p.rfihub.com c1.rfihub.net
1 cdn.mndtrk.com www.mainadv.com
1 pixel.rubiconproject.com www.medlife.com
1 20801288p.rfihub.com 1 redirects
1 www.mainadv.com www.medlife.com
1 c1.rfihub.net www.medlife.com
1 q.quora.com www.medlife.com
1 gum.criteo.com static.criteo.net
1 widget.as.criteo.com www.medlife.com
1 sslwidget.criteo.com 1 redirects
1 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
1 a.quora.com www.medlife.com
1 static.criteo.net www.googletagmanager.com
1 zc2ab281a.webengage.co ssl.widgets.webengage.com
1 www.googleadservices.com www.googletagmanager.com
1 ssl.widgets.webengage.com www.medlife.com
1 d2r1yp2w7bby2u.cloudfront.net www.medlife.com
1 www.google-analytics.com www.medlife.com
1 medlife-app.onelink.me 1 redirects
1 wizrocketmail.net 1 redirects
1 u13717896.ct.sendgrid.net 1 redirects
0 my.rtmarks.net Failed cdn.mndtrk.com
79 45

This site contains no links.

Subject Issuer Validity Valid
*.medlife.com
Go Daddy Secure Certificate Authority - G2		 2019-02-04 -
2021-04-20		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
webengage.com
Cloudflare Inc ECC CA-3		 2020-05-24 -
2021-05-24		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
webengage.co
Amazon		 2020-08-31 -
2021-10-01		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
quora.com
Let's Encrypt Authority X3		 2020-10-04 -
2021-01-02		 3 months crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-12 -
2022-08-17		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
wzrkt.com
Amazon		 2020-05-19 -
2021-06-19		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh
*.as.criteo.com
DigiCert ECC Secure Server CA		 2020-08-14 -
2020-11-12		 3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.quora.com
Let's Encrypt Authority X3		 2020-10-04 -
2021-01-02		 3 months crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA		 2020-01-03 -
2021-04-03		 a year crt.sh
*.rfihub.net
DigiCert SHA2 Secure Server CA		 2020-04-01 -
2021-07-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.webengage.com
DigiCert SHA2 Secure Server CA		 2020-04-13 -
2021-04-21		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.solocpm.com
Go Daddy Secure Certificate Authority - G2		 2019-11-28 -
2020-12-09		 a year crt.sh
bs.serving-sys.com
Go Daddy Secure Certificate Authority - G2		 2020-01-07 -
2022-03-08		 2 years crt.sh

This page contains 8 frames:

Primary Page: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Frame ID: 6A7B2D55832DC785F8157A54579D2D15
Requests: 78 HTTP requests in this frame

Frame: https://zc2ab281a.webengage.co/storage-frame-1.16.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~c2ab281a
Frame ID: 9C89707F197EBF899CB8D007B227A94B
Requests: 1 HTTP requests in this frame

Frame: https://9217966.fls.doubleclick.net/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM
Frame ID: 3C92D0DF42A103A0D19247C0102B061E
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.medlife.com
Frame ID: C97B38EA6BA6C6D12C79D1A551C79F7E
Requests: 1 HTTP requests in this frame

Frame: https://20817756p.rfihub.com/ca.html?rfiidc=1041246336965256896&rfiaid=960d1fd0b3af498d90ade00b27fc3e73&ver=9&rb=38390&ca=20817756&_o=38390&_t=1&pe=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&pf=&ra=9483029528566664
Frame ID: 953DAA4FC65F247C42DD4C10040E8977
Requests: 1 HTTP requests in this frame

Frame: https://ck.solocpm.com/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAESEAGnw_PO7DoLUoTg6OJOqtI&google_cver=1&google_ula=1060335013,0
Frame ID: 1B07D31F1E8ECEDE6056E716A9B32645
Requests: 1 HTTP requests in this frame

Frame: https://my.rtmarks.net/f.php?f=sync&lr=1&partners=211x46c555d482fcf532dd6e266ca1fbcff2bbaae5528931d78ef71bcde52adc
Frame ID: 8BDC9CFDEDEE69CA1148C407EC6316BB
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=38390&ca=20817756&ri=155d21abd6e937430b408b13ae6fe514&rfiidc=1041246336965256896&rfiaid=960d1fd0b3af498d90ade00b27fc3e73&stats=%7B%2213488%22%3A%2252%2C1%22%2C%2217243%22%3A%2285%2C1%22%2C%2231937%22%3A%22280%2C1%22%2C%2240977%22%3A%22215%2C1%22%2C%2250495%22%3A%221552%2C1%22%2C%2251433%22%3A%2233%2C2%22%2C%2252220%22%3A%22252%2C1%22%2C%2253707%22%3A%22123%2C1%22%2C%2253935%22%3A%22191%2C1%22%2C%2254497%22%3A%22163%2C1%22%2C%2254651%22%3A%22200%2C2%22%2C%2254863%22%3A%22367%2C1%22%2C%2255065%22%3A%22142%2C1%22%2C%2255073%22%3A%2292%2C1%22%2C%2256659%22%3A%22249%2C1%22%2C%2256885%22%3A%22364%2C2%22%2C%2257347%22%3A%22223%2C2%22%2C%2257363%22%3A%22464%2C1%22%2C%2257895%22%3A%22279%2C1%22%2C%2258143%22%3A%22295%2C1%22%2C%2258553%22%3A%221121%2C1%22%2C%2258561%22%3A%22844%2C2%22%7D&ra=3533321778650953
Frame ID: FF9D56588E0E040A78AD365435022BF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://u13717896.ct.sendgrid.net/ls/click?upn=0zzXSI3xZ4PxB4xMVIYKU-2FS2yUcdeOT-2FRc4SzqwQ49CGZ5ZX2Q21L-2Fpw5... HTTP 302
    https://wizrocketmail.net/r?e=KwgIch9iCQN6EWR%2BDSZqfAUHBg1nJCw1ICQsNQoHBgNgY2I3FxohLkFDWFs5BTEkODE7Ln... HTTP 302
    https://medlife-app.onelink.me/va75/90891a99 HTTP 302
    https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a... Page URL

Page Statistics

79
Requests

99 %
HTTPS

43 %
IPv6

32
Domains

45
Subdomains

38
IPs

7
Countries

4336 kB
Transfer

4815 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u13717896.ct.sendgrid.net/ls/click?upn=0zzXSI3xZ4PxB4xMVIYKU-2FS2yUcdeOT-2FRc4SzqwQ49CGZ5ZX2Q21L-2Fpw5n3GaqsS-2FwTkHQlE1Bk5vlGgxCzCNvHHMJmYYz2LOsYnS-2BElym5MH19NZMMwDtCfx-2B3zIx0UVaKzhBiCBwdEITiIVuudbaK-2F-2BdcFqzTZc1xLEcK02bra9gOWLBaP15WP23w8UWNBLJZeU8xRbsu-2B2-2FZLrmhR-2BkuJTsz25MZ9F2dXZ-2FPXTzyZbcD-2B2lqowGRntDkuw3JymwpU8ZoYodaJmhG7U6BaNOx4w7I7nCdXlj40lIFAKtNIv5GcxL9b1I3lCuZr355uiDzJCq2pITGrIPwPSkDjJcUBQFeIyGBIQrlkMnM8aMUTMUgt4p0j6-2B9Yq4rzxB0qSy-2FtGMhSgOEr-2FPPzUL5LCPRmiSQmBGJwWJ3oMCgMuv2e7PssXZtSu5NZrIYwFmM99cq-2Fdmwfn4eTkbhWcMfmnTyKW9AdNg3VHgYUzjQwvBU-3DlBk0_k1CxCwK93H1XPXtmfYPu3087usY9n4TvscPyQ2EOAyju9ez1OvXVlhIpP6BPLCVxnl7PAdj-2FQ-2FNoZCfUiWPHEa5CUNeSXqTnvFSgVFdOL5wTQmOpIRKWmyLnoOZ574-2B-2FYw9EkFIdxBXtuAP075jUeHD463iOsp-2BwU0EqkeLl03uOi4K3eCGULcPHqvqkUi7qSyEUnqlOjMKV0sti8iFLH1ezEbhqq0tgfmeeHgEBex43j3M8a7DiPwdtHqhhY-2B8TUoe-2FEE0YA2ji7fDwppgTt6IdUJB-2FLSTyIT0FZvM6O3rNmy7uxf3hkYKpky-2Fu7tOYKrp-2FU2EClwF4UE2vQgsCoDQEdQ1rs0d4sgxvTvyWkXQEwu0HzVAMR2H35ygGyy3hAKFvTjyfRU4AhGa7gJPhMX7SvaKyUt02mDvM1Qjnx291ZoUUwVf0uLe9WCZ4vLfntxdrtW5JmMuKoQYaMAyyR3O9xqVpZjw6iyzqSbT3Jb0-3D HTTP 302
    https://wizrocketmail.net/r?e=KwgIch9iCQN6EWR%2BDSZqfAUHBg1nJCw1ICQsNQoHBgNgY2I3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZmxieQMEBwFiag15Z2hiegIACRZ7eCUxJTENO1tGXkB1YHA8LSg5FFZVV1UiNiZpKg%3D%3D&r=https%3A%2F%2Fmedlife-app.onelink.me%2Fva75%2F90891a99&c=649750080&token=BVdfBwpRBgQH&try=1&$follow_redirect=true HTTP 302
    https://medlife-app.onelink.me/va75/90891a99 HTTP 302
    https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://9217966.fls.doubleclick.net/activityi;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM HTTP 302
  • https://9217966.fls.doubleclick.net/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM
Request Chain 39
  • https://secure.adnxs.com/px?id=1054486&seg=15663077&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1054486%26seg%3D15663077%26t%3D1
Request Chain 54
  • https://sslwidget.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002 HTTP 302
  • https://widget.as.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002
Request Chain 61
  • https://20801288p.rfihub.com/ca.gif?rb=35713&ca=20801288&_o=35713&_t=20801288&ra=1839919629 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTU4MjgwNDE2OTc0NTU5ODA0NA==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582804169745598044https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1582804169745598044https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1582804169745598044%252526forward%25253D HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582804169745598044https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D1582804169745598044https%25253A%25252F%25252Fdsum-sec.casalemedia.com%25252Frum%25253Fcm_dsp_id%25253D57%252526external_user_id%25253D1582804169745598044%252526forward%25253D&google_gid=CAESEMcsIZkw_SqZZOoij_HNjXo&google_cver=1 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582804169745598044https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582804169745598044https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D1582804169745598044%2526forward%253D
Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=mainad_comunicacoes_ltda&google_ula=1060335013&google_cm&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home HTTP 302
  • https://ck.solocpm.com/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAESEAGnw_PO7DoLUoTg6OJOqtI&google_cver=1&google_ula=1060335013,0

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request TG00469A
www.medlife.com/collaflex/offer/
Redirect Chain
  • https://u13717896.ct.sendgrid.net/ls/click?upn=0zzXSI3xZ4PxB4xMVIYKU-2FS2yUcdeOT-2FRc4SzqwQ49CGZ5ZX2Q21L-2Fpw5n3GaqsS-2FwTkHQlE1Bk5vlGgxCzCNvHHMJmYYz2LOsYnS-2BElym5MH19NZMMwDtCfx-2B3zIx0UVaKzhBiCBw...
  • https://wizrocketmail.net/r?e=KwgIch9iCQN6EWR%2BDSZqfAUHBg1nJCw1ICQsNQoHBgNgY2I3FxohLkFDWFs5BTEkODE7LnJwTQUrPyQuOS4uBV1EWFI%2BOTM%2FPjU8a3FcWFc8PzY3LHglMUBbbl0zeGhpZmxieQMEBwFiag15Z2hiegIACRZ7eCUxJ...
  • https://medlife-app.onelink.me/va75/90891a99
  • https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
25 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Next.js
Resource Hash
5904ebc9a724849b3c14455781910b67d26375578d3587392cd80d652e9cb7c2

Request headers

:method
GET
:authority
www.medlife.com
:scheme
https
:path
/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 08 Oct 2020 09:04:12 GMT
content-type
text/html; charset=utf-8
content-length
25627
set-cookie
AWSALBTG=tTTl0Az1hYE4bsrbLx0rz0cPgWVoQoYkPdwbpQXmW0HPOZpJ4xaUOBpcy1HW8x8ZYfjxDGZWOCEmbgFeI2neC13hDd/MbUf5NVa1BM9J/C3/4QjCIFWmyhTtqJeNVcg/FBg4KenBKz94Qxd+UyIGK8Lj4KrQkid3iq+QI3x9+r4Q+22ce0w=; Expires=Thu, 15 Oct 2020 09:04:12 GMT; Path=/ AWSALBTGCORS=tTTl0Az1hYE4bsrbLx0rz0cPgWVoQoYkPdwbpQXmW0HPOZpJ4xaUOBpcy1HW8x8ZYfjxDGZWOCEmbgFeI2neC13hDd/MbUf5NVa1BM9J/C3/4QjCIFWmyhTtqJeNVcg/FBg4KenBKz94Qxd+UyIGK8Lj4KrQkid3iq+QI3x9+r4Q+22ce0w=; Expires=Thu, 15 Oct 2020 09:04:12 GMT; Path=/; SameSite=None; Secure
x-powered-by
Next.js
etag
"641b-Vm84mNrakhmV7rE82z8UKIQ+QRc"

Redirect headers

Content-Type
application/octet-stream
Date
Thu, 08 Oct 2020 09:04:12 GMT
Location
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Server
http-kit
Set-Cookie
af_id=1568e87b-d48b-4cfc-86c9-e971599de997-o;Expires=Sat, 08 Oct 2022 09:04:12 +0000;Domain=onelink.me;Path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
0
Connection
keep-alive
Tag.js
www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/ 		248 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/Tag.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
cb5ac4ccb7cc3c6b05fffc14ccc58785339a41a110c2efdc15bcd403ddf057f1

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"3dffe-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
253950
_app.js
www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/ 		130 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/_app.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
40aadcf9c0fdbf0d8d99b14e085bac2592593db89d9651ff1432b72c6605afec

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"20771-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
132977
webpack-9515f4d6d59e9525310d.js
www.medlife.com/_next/static/runtime/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/runtime/webpack-9515f4d6d59e9525310d.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
09f8ca5a34c9efab005ce918736bd8a28f12fc5f7b4004b9889ec56c4abff751

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"13e0-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
5088
commons.8b38f4fbe1bc4cdc25a0.js
www.medlife.com/_next/static/chunks/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
83821ec59bb7204e45dc9a875b84bf043ff4c39e061b2d55da43758dcd88c5fc

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"110f7e-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
1118078
main-3355d46448b5e4fcc22b.js
www.medlife.com/_next/static/runtime/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e1a1619d31a46994c7cb92ac8d8991915c99fbb862912b4ea244ca7b957da324

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"3369-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
13161
styles.94eb83a9c095bf781e2b.js
www.medlife.com/_next/static/chunks/ 		318 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/chunks/styles.94eb83a9c095bf781e2b.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
82bf5a855aaf5f66dd8362818f26829c10377b01801ce1769a4882dd90a9a151

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"13e-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
318
styles.b1006b44.chunk.css
www.medlife.com/_next/static/css/ 		680 KB
682 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
748cec179478c92b4207f33336739486c1b138a6aa6127529f56b3485628265b

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:12 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"aa0db-174fe8bbd88"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0
accept-ranges
bytes
content-length
696539
truncated
/ 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613e0d411dc9a05612ac18c3ec535f4072f8b3f056cd6a35e425cb50a69d8261

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb81456aba38a795598d515622335ecc6790a9fe22428c73f50bb2adf70a8b19

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dc38bddd48079151f93f401f913746694cd3b2d13e93f840684cae73c371462

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		464 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18626b1bd3b134f0c74144a79889e62f5833d33f66daa33211ff27d4131c85c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		404 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d3f6e44e4fad7b136db04b4c6ec40e3d6349cd57a7eec5db8671c59d5d0df32

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ 		7 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 07:18:49 GMT
server
ESF
date
Thu, 08 Oct 2020 09:04:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Oct 2020 09:04:13 GMT
bootstrap.min.css
www.medlife.com/static/thirdpartycss/bootstrap/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/static/thirdpartycss/bootstrap/bootstrap.min.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Tue, 06 Oct 2020 15:26:15 GMT
x-powered-by
Express
etag
W/"2606e-174fe852dd8"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
155758
expires
Fri, 09 Oct 2020 09:04:13 GMT
css
fonts.googleapis.com/ 		7 KB
808 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
245e0bd9c5a93f34cc25a5742ea0d0dfe139d9fed4bda9a4ad13e6057da22072
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/_next/static/css/styles.b1006b44.chunk.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 08:27:53 GMT
server
ESF
date
Thu, 08 Oct 2020 09:04:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Oct 2020 09:04:13 GMT
dataSource
rest.medlife.com/api/v1/ml-layout-service/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://rest.medlife.com/api/v1/ml-layout-service/dataSource?body=%7B%22tagId%22%3A%22TG00469A%22%2C%22showProducts%22%3Atrue%2C%22pagination%22%3A%7B%22page%22%3A1%2C%22ipp%22%3A10%7D%2C%22sort%22%3A%7B%22score%22%3A%22desc%22%7D%2C%22filter%22%3A%7B%7D%7D&page_name=rn_tag_details&component_type=SKU_LISTING_FILTER
Protocol
H2
Server
13.126.167.43 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-167-43.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.medlife.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 08 Oct 2020 09:04:14 GMT
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
content-type
graphql
api-gateway.medlife.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://api-gateway.medlife.com/graphql?operationName=AbTestGroup&variables=%7B%22abGroup%22%3A%22sf%22%2C%22guestId%22%3A%222bb2ec42-4aa7-4f22-a025-2f7837d1dfef%22%2C%22id%22%3A%22%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%223f369dbeda1552b215ad96d36fcbbbd172b4ddf795cc871b9025de16bf38ebf9%22%7D%7D
Protocol
H2
Server
143.204.201.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-101.fra53.r.cloudfront.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
apollographql-client-name,apollographql-client-version,app-platform,content-type,guest-id,version
Origin
https://www.medlife.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
204
date
Thu, 08 Oct 2020 09:04:14 GMT
x-powered-by
Express
access-control-allow-origin
*
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
vary
Access-Control-Request-Headers
access-control-allow-headers
apollographql-client-name,apollographql-client-version,app-platform,content-type,guest-id,version
x-cache
Miss from cloudfront
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
3ZuUOA21KnnwqmYAEva8VHm_VAESAcX0WijI90dAgVej9s-Q36u2Nw==
124.689e1d05dc4b84c79203.js
www.medlife.com/_next/static/chunks/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/chunks/124.689e1d05dc4b84c79203.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/webpack-9515f4d6d59e9525310d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
7ab964cdcec59ec48bdf4f2a307566e01af39d23c679e1a43156d870538e0e69

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"1118-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
4376
phonepe_sdk.js
cdn.medlife.com/phonepe/ 		58 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.medlife.com/phonepe/phonepe_sdk.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-27.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
790e457b8c9857ea95b1410427e12bc0d3955c91686f3c5505b237d67aae174d

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
1ibBMlt2GV.B1dTOS5IzaJ4sUgkGm11J
via
1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 06:21:39 GMT
server
AmazonS3
age
23623
etag
"d8f092ae68b507f9dbd710c58f78e401"
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
date
Thu, 08 Oct 2020 02:30:31 GMT
x-amz-cf-pop
VIE50-C1
accept-ranges
bytes
content-length
59014
x-amz-cf-id
gPMoUNAdQOn-8M_bhl6T8Sfizernp4PqV6y_V9kyLzENdoCLroUPew==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6514
date
Thu, 08 Oct 2020 07:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 08 Oct 2020 09:15:39 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.84.112.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-112-121.sof50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ca7d48017aea03b1f6b984584f5956140842cfdc329db1de675afb26c727cb9

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 08 Oct 2020 08:58:58 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 16 Sep 2020 17:31:27 GMT
Server
AmazonS3
Age
316
ETag
W/"6aa00503df5c198c61e8c57e26496b20"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 82b3528e694ac410cff55b6e5e7bfeb6.cloudfront.net (CloudFront)
Cache-Control
max-age=1800, private
Transfer-Encoding
chunked
X-Amz-Cf-Pop
SOF50-C1
X-Amz-Cf-Id
zCdIJbHSSb6pB24ogobUj3T6uzruSWmf-oE9GreMj_DsbAx47MftFg==
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/;
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
6aZMtzFdtXVpHXfK/2hX/Jqor+ifY2eS/78sbBgrj6545U+WiDQ5aa5He6FNGURBMEfh/jcbFgzEEckBg26sAQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 08 Oct 2020 09:04:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-848312220
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
71745195edaa2e30e7efde50d1f4e2de7b49e72922cc9be7940a72f2ee14cfaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37228
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Oct 2020 09:04:13 GMT
gtm.js
www.googletagmanager.com/ 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
20cf6156b68f0c1fe2463a96a772dbd5b12ee297444c6e67cdc113d7b9eee205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62632
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Oct 2020 09:04:13 GMT
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/webp
dataSource
rest.medlife.com/api/v1/ml-layout-service/ 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rest.medlife.com/api/v1/ml-layout-service/dataSource?body=%7B%22tagId%22%3A%22TG00469A%22%2C%22showProducts%22%3Atrue%2C%22pagination%22%3A%7B%22page%22%3A1%2C%22ipp%22%3A10%7D%2C%22sort%22%3A%7B%22score%22%3A%22desc%22%7D%2C%22filter%22%3A%7B%7D%7D&page_name=rn_tag_details&component_type=SKU_LISTING_FILTER
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.167.43 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-167-43.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
348e5d4fd463363ed3148b27ecb0ce280dae231c786737a744ec4525b25deff1

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

status
200
date
Thu, 08 Oct 2020 09:04:14 GMT
access-control-allow-origin
*
x-powered-by
Express
etag
W/"1d9a-YggpZScYSJpeTQxmv59TCI8bZ5o"
content-length
7578
content-type
application/json; charset=utf-8
graphql
api-gateway.medlife.com/ 		2 KB
993 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-gateway.medlife.com/graphql?operationName=AbTestGroup&variables=%7B%22abGroup%22%3A%22sf%22%2C%22guestId%22%3A%222bb2ec42-4aa7-4f22-a025-2f7837d1dfef%22%2C%22id%22%3A%22%22%7D&extensions=%7B%22persistedQuery%22%3A%7B%22version%22%3A1%2C%22sha256Hash%22%3A%223f369dbeda1552b215ad96d36fcbbbd172b4ddf795cc871b9025de16bf38ebf9%22%7D%7D
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/_app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.201.101 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-201-101.fra53.r.cloudfront.net
Software
/ Express
Resource Hash
4cc0f8168a59e83fb0f281e23010a66cd46eca436b4fa9c46ee678d322773021

Request headers

apollographql-client-name
medlifewebapp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
guest-id
2bb2ec42-4aa7-4f22-a025-2f7837d1dfef
apollographql-client-version
10.0.363
App-Platform
web
version
10.0.363

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
content-encoding
gzip
etag
W/"889-x+2nAT0sxCqZiCC2RTkWhdQoLj8"
x-amz-cf-pop
FRA53-C1
status
200
x-powered-by
Express
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300, private
x-amz-cf-id
mkh42MgjMV3IGF8CPW44EC8ecQaYCJY7YA9Nh2w9etB4wgMLqNeg7g==
via
1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
webengage-min-v-6.0.js
ssl.widgets.webengage.com/js/ 		186 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f68e04d660d1aad4ee013a7a9553d61154e4d5da634862e507887dce48e43e4e

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
via
1.1 03d509e8374e9f42668961b5e0201349.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
7234
x-cache
Hit from cloudfront
status
200
content-encoding
gzip
cf-request-id
05a90d3de90000175e0c381200000001
last-modified
Mon, 21 Sep 2020 10:49:03 GMT
server
cloudflare
etag
W/"5f68851f-2e9ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
x-amz-cf-pop
FRA2-C2
cf-ray
5deeb1764a24175e-FRA
x-amz-cf-id
wu4wdiPlKDxIAmeCefxyYUHsgOO-Q3W2FVVo_KOWu975oN87LZEIiA==
expires
Thu, 08 Oct 2020 07:20:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medlife.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 05 Oct 2020 11:04:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
252007
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Tue, 05 Oct 2021 11:04:06 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medlife.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 14:47:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
152181
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Wed, 06 Oct 2021 14:47:52 GMT
Home.js
www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/ 		252 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/Home.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e102099574ea610bb2f5bc4fc1f57790ece5b2d1a2eb2e94914de078a1ae93cf

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Tue, 06 Oct 2020 15:33:25 GMT
x-powered-by
Express
etag
W/"3f14b-174fe8bbd88"
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
258379
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.27
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
s5pPVbl5vcnbcq53ZtxwHlD47hM1JLVC4sHQ/wacikEDCfaOnatQZVwtKqC2QZHKYUFKLgzF104X5CpDgtLlKg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 08 Oct 2020 09:04:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
214791212924292
connect.facebook.net/signals/config/ 		234 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/214791212924292?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
672417e850f8ecb8b697727364dd81626fa5bb6bf482d2776473ceb869712027
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69891
x-xss-protection
0
pragma
public
x-fb-debug
BYauNc0HT3L3/LraHb1ior0MQGlJyVbnRcIDYYqk9cJ2IRLPfxTgDm7Iihl/LrL30pOC+5rvDoCKQ6rWT1osPw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 08 Oct 2020 09:04:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-848312220
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11343
x-xss-protection
0
server
cafe
etag
2112904452244658753
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Oct 2020 09:04:13 GMT
storage-frame-1.16.htm
zc2ab281a.webengage.co/ Frame 9C89 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://zc2ab281a.webengage.co/storage-frame-1.16.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~c2ab281a
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:203c:600:8:cf94:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash

Request headers

:method
GET
:authority
zc2ab281a.webengage.co
:scheme
https
:path
/storage-frame-1.16.htm?cdn=y&cbf=webengage-engagement-callback-frame&lc=~c2ab281a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM

Response headers

status
200
content-type
text/html
server
nginx/1.12.1
last-modified
Mon, 15 Oct 2018 09:59:05 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Thu, 08 Oct 2020 05:39:17 GMT
etag
W/"5bc464e9-d60"
expires
Thu, 08 Oct 2020 09:38:14 GMT
cache-control
max-age=14400
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 15534a2d9a3f6f849c6a3de010437d91.cloudfront.net (CloudFront)
x-amz-cf-pop
SOF50-C1
x-amz-cf-id
VpYpWpb626XuVoa0gqH0u3Q4RbSFY74jfKa6pL49JE7d42wIGK5a_A==
age
12359
bat.js
bat.bing.com/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
gzip
last-modified
Thu, 08 Oct 2020 02:14:47 GMT
x-msedge-ref
Ref A: 3DE935A69C3B4E3682CAC4890D36F934 Ref B: FRAEDGE1506 Ref C: 2020-10-08T09:04:13Z
status
200
etag
"80553cb189dd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8318
ld.js
static.criteo.net/js/ld/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 09 Oct 2020 09:04:13 GMT
activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2F...
9217966.fls.doubleclick.net/ Frame 3C92
Redirect Chain
  • https://9217966.fls.doubleclick.net/activityi;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%...
  • https://9217966.fls.doubleclick.net/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fww...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9217966.fls.doubleclick.net/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.207.70 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9217966.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 08 Oct 2020 09:04:14 GMT
expires
Thu, 08 Oct 2020 09:04:14 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
442
x-xss-protection
0
set-cookie
IDE=AHWqTUkiq2dnxVJHvMCjjmIaRqgTe-1jurLvrHI204vKOqZ11fg5G_KDsrJiIwWW; expires=Tue, 02-Nov-2021 09:04:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Thu, 08 Oct 2020 09:04:13 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://9217966.fls.doubleclick.net/activityi;dc_pre=CNDd2-3RpOwCFQzRuwgdZN8IFQ;src=9217966;type=invmedia;cat=metli0;ord=9588779956242;gtm=2wg9u1;auiddc=1921501063.1602147854;~oref=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qevents.js
a.quora.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.113.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
s3LlaOWABX1LUjiLldBNr49lVAylKDRo
content-encoding
gzip
etag
"f32ebb1e93a72c0a57add6d07f688510"
age
4300
x-cache
HIT, HIT
status
200
content-length
13681
x-amz-id-2
SoDeqcL0jXrX+t/2ANrLxe+/YVDgwSEUiTCiSWtkf3B8ELEJdNd8f8M86yhIciWgtxZz/U1w77M=
x-served-by
cache-bwi5133-BWI, cache-hhn4061-HHN
last-modified
Fri, 25 Oct 2019 19:28:38 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1572031715/ctime:1572031714/gid:1000000/gname:employee/md5:f32ebb1e93a72c0a57add6d07f688510/mode:33188/mtime:1149709104/uid:1000332/uname:tzhou
x-timer
S1602147854.961036,VS0,VE0
date
Thu, 08 Oct 2020 09:04:13 GMT
vary
Accept-Encoding
x-amz-request-id
BB6952F516C62E5A
via
1.1 varnish, 1.1 varnish
cache-control
max-age=7200
accept-ranges
bytes
content-type
text/plain
x-cache-hits
2, 1581
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1054486&seg=15663077&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1054486%26seg%3D15663077%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1054486%26seg%3D15663077%26t%3D1
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Oct 2020 09:04:13 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.41:80
AN-X-Request-Uuid
09d04d42-18b8-4a94-947d-a93aa3d8bd95
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Oct 2020 09:04:13 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid
1e7753f9-0395-4033-9513-ec93d6f61db8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1054486%26seg%3D15663077%26t%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=214791212924292&ev=PageView&dl=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&rl=&if=false&ts=1602147853917&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602147853917.2001935392&it=1602147853845&coo=false&rqm=GET
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 08 Oct 2020 09:04:13 GMT
css
fonts.googleapis.com/ 		0
791 B 		Other
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Oct 2020 07:37:22 GMT
server
ESF
date
Thu, 08 Oct 2020 09:04:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Oct 2020 09:04:13 GMT
bootstrap.min.css
www.medlife.com/static/thirdpartycss/bootstrap/ 		0
153 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/static/thirdpartycss/bootstrap/bootstrap.min.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Tue, 06 Oct 2020 15:26:15 GMT
x-powered-by
Express
etag
W/"2606e-174fe852dd8"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
155758
expires
Fri, 09 Oct 2020 09:04:13 GMT
app.css
www.medlife.com/static/css/ 		0
196 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/static/css/app.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
last-modified
Tue, 06 Oct 2020 15:26:23 GMT
x-powered-by
Express
etag
W/"30cf4-174fe854d18"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
199924
expires
Fri, 09 Oct 2020 09:04:13 GMT
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		1 KB
696 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
49017
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
382
cf-request-id
05a90d3e660000c2ae6f862200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
etag
"5eb03fd5-50a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602147854"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5deeb1770c35c2ae-FRA
expires
Tue, 28 Sep 2021 09:04:13 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/runtime/main-3355d46448b5e4fcc22b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1155329
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
637
cf-request-id
05a90d3e670000c2ae6f863200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
etag
"5eb03fd5-92d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602147854"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5deeb1770c3ac2ae-FRA
expires
Tue, 28 Sep 2021 09:04:13 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848312220/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848312220/?random=1602147853923&cv=9&fst=1602147853923&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c18413a26660b912396ec57020f7f4a2e99d5001f91efd326356062ca16c227
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848312220/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848312220/?random=1602147853926&cv=9&fst=1602147853926&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29e673bb26f5f134b4d785ddaf705f0bb73cbf731780981f006bfab311acec53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1139
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5648798&Ver=2&mid=239746a7-637e-443f-af71-677206215e5c&sid=3ca0f410094511ebb015597ad8576d27&vid=3ca104c0094511eb808741d4a4ae2656&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&kw=collaflex,%20health%20care,%20products,%20online,%20Medlife,%20India&p=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&r=&lt=1556&evt=pageLoad&msclkid=N&sv=1&rn=293060
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: D368703C4B2E47A0A17AABAFD4698B38 Ref B: FRAEDGE1506 Ref C: 2020-10-08T09:04:13Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
wzrkt.com/ 		321 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=96&type=page&d=N4IgrgziBcIMYCcC2IA04WwHYHsAuAlgGZrhwzw4A2VAhkVQKYAeAtAEwAsAVmFQJ6kCAEwoAlAFoBOVmIAcAdlYBpAGwBWCaQAOAcxgBGdHD0UAFnjzaI0APS2A7k4B0SRsKrFGzuDiS3fGnomZlscIiJGBFsAFQBxAAYEzlUpAEEAfgIIAH0ERjxaBF0CgixdAF48BDBGADIwPCQciBwwBDhGCoBhMQBZOogzHAQ8TywAawqpBLkpA1opKQamnLhaJG1aAl0sHuo6BhYOTgApAFUAGQBNFea3YQIwJAqAOXxiOrgK09o4Ce0%2BFYBikFxudW0Ih6%2FVIAHUJGJlDlumk%2BgAFGCgBybGAJdBjcjQADaAF0AL5koAA&rn=1&i=1602147853&sn=0&r=1602147853962
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.16 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-16.fra6.r.cloudfront.net
Software
/
Resource Hash
1fa65c2738359acb2cb648317887c793b080c5185cae8f8dd3d4ec6bd423521d

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Oct 2020 09:04:14 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA6-C1
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Content-Type
text/javascript;charset=utf-8
Via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
Cache-Control
no-cache, no-store
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
zedVnvU0gJKo0WHJUrxJwN2etZ3cf4SG_aHdl5m_6kpM40hsEW1kyQ==
Expires
Thu, 01 Jan 1970 00:00:00 GMT, 0
/
www.google.com/pagead/1p-user-list/848312220/ 		42 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848312220/?random=1602147853923&cv=9&fst=1602147600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&async=1&fmt=3&is_vtc=1&random=3668848116&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/848312220/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/848312220/?random=1602147853923&cv=9&fst=1602147600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9u1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&async=1&fmt=3&is_vtc=1&random=3668848116&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848312220/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/848312220/?random=1602147853926&cv=9&fst=1602147600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&async=1&fmt=3&is_vtc=1&random=687976921&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/848312220/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/848312220/?random=1602147853926&cv=9&fst=1602147600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9u1&sendb=1&frm=0&url=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tiba=collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife&async=1&fmt=3&is_vtc=1&random=687976921&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002
  • https://widget.as.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.211 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
288817a9c8ebd569a893948377d7a13781e670f506d473e386dc6180a91bcef5

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:14 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
server-processing-duration-in-ticks
24181
content-type
application/x-javascript
content-length
863
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Oct 2020 09:04:13 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
status
302
location
https://widget.as.criteo.com/event?a=56287&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=medlife.com&dtycbr=64002
cache-control
no-cache
server-processing-duration-in-ticks
2340
timing-allow-origin
*
content-length
0
expires
0
syncframe
gum.criteo.com/ Frame C97B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.medlife.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.medlife.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM

Response headers

status
200
cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
651
date
Thu, 08 Oct 2020 09:04:13 GMT
content-length
0
pixel
q.quora.com/_/ad/f5893d211e334c90a030bdc6e9685e90/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/f5893d211e334c90a030bdc6e9685e90/pixel?j=1&u=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&tag=ViewContent&ts=1602147853983
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.219.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-219-88.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 08 Oct 2020 09:04:14 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
X-Q-Stat
,4bd9f91fa5efc60f618f7287ae68c372,10.0.0.234,14348,185.212.171.67,,37257487537,1,1602147854.379,0.001,,.,0,0,0.000,0.004,-,0,0,197,109,54,10,26847,,,,,,-,
Content-Type
image/gif
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073742998
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-90-174.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
cd8c08a3770800c33b33ff489691deaad11b4860fd32b7fd0df42b51011b253e

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
content-encoding
gzip
status
200
last-modified
Tue, 06 Oct 2020 13:27:44 GMT
server
x-powered-by
ARR/2.5
etag
"c1946679e49bd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=676
accept-ranges
bytes
content-length
15872
tc.min.js
c1.rfihub.net/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.78.138 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-78-138.deploy.static.akamaitechnologies.com
Software
Jetty(9.0.6.v20130930) /
Resource Hash
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 08 Oct 2020 09:04:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 Aug 2020 16:15:25 GMT
Server
Jetty(9.0.6.v20130930)
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
6375
Expires
Thu, 08 Oct 2020 10:04:14 GMT
Rtgdir2-min.js
www.mainadv.com/Visibility/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mainadv.com/Visibility/Rtgdir2-min.js
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681f:5dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
206967ee0e1310dd759baec45180512142797cd8b4e24d1e3de7f38aaec0f071

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
659
x-powered-by
ASP.NET
status
200
content-encoding
br
cf-request-id
05a90d3ec30000e0039832e200000001
last-modified
Thu, 08 Oct 2020 04:35:31 GMT
server
cloudflare
etag
W/"802b57742c9dd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602147854"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=691200
cf-ray
5deeb1779e43e003-FRA
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-8929134
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7977945a656e6c2cd5fa1a55ad8147edb0b7066cdce40a8114d0d4ea11ca7824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37231
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Oct 2020 09:04:14 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://20801288p.rfihub.com/ca.gif?rb=35713&ca=20801288&_o=35713&_t=20801288&ra=1839919629
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTU4MjgwNDE2OTc0NTU5ODA0NA==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D1349...
  • https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D1582804169745598044https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fent...
  • https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582804169745598044https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582804169745598044https%253A%252F%252Fdsum-sec.casalemed...
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582804169745598044https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582804169745598044https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D1582804169745598044%2526forward%253D
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1582804169745598044https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D1582804169745598044https%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D57%2526external_user_id%253D1582804169745598044%2526forward%253D
Server
Jetty(9.0.6.v20130930)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
835.js
cdn.mndtrk.com/aud/clientjs/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mndtrk.com/aud/clientjs/835.js?&t=1
Requested by
Host: www.mainadv.com
URL: https://www.mainadv.com/Visibility/Rtgdir2-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:9c5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab73af037e38c49d28c2acf00a8bc199a4ac06255af523a1d17ef5df6e0b2522

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=Jovl8w==, md5=NiLF2wGuDan1pkpP8TCOCQ==
date
Thu, 08 Oct 2020 09:04:14 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ABg5-UzUwbiUG50wqxVEVtpzmM9kqIJJRnzlX7Xbb1DYaPH0NtpN7ol-z5AJ9J7McIHiBg1ybiyY3jFqao4-e-AVwGg
x-goog-storage-class
STANDARD
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/plain
cf-request-id
05a90d3ef500002b591c217200000001
last-modified
Tue, 06 Oct 2020 09:23:28 GMT
server
cloudflare
etag
W/"3622c5db01ae0da9f5a64a4ff1308e09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602147854"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1601976208442579
cache-control
public, max-age=7200
x-goog-stored-content-length
4468
cf-ray
5deeb177ea482b59-FRA
expires
Thu, 08 Oct 2020 10:04:14 GMT
px
secure.adnxs.com/ 		0
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/px?id=1054484&seg=15663072&t=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KV9FBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Oct 2020 09:04:14 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.43:80
AN-X-Request-Uuid
a1d7ae4f-8146-4275-9506-916e838d59f8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
upf.js
c.webengage.com/ 		844 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/upf.js?lp=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&rf=&geo=y&jsonp=_we_jsonp_global_cb_1602147854058
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.30.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-30-132.compute-1.amazonaws.com
Software
/
Resource Hash
eb847bfe8e01d5c511d2cb132c0febd15419ce5947c4a1290f14c2799536bfbc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
status
200
vary
Accept-Encoding
content-length
844
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
SAMEORIGIN
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,content-type
expires
0
1073742998
secure-ds.serving-sys.com/adServingData/PROD/TMClient/8/ 		106 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/8/1073742998
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073742998
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-90-174.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
5076bd7c5c84d0b533c19313a1ef4c0e6e4ba41b22f87b4ed7dcd0caea8947c7

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
muwFdExiTUGhwfdOLHYJYRQwKIglXKes
content-encoding
gzip
etag
"871ff70fb44fe71ad31c207b97a5e109"
x-amz-request-id
ASCT8Q4R7X3N2Y0Y
status
200
x-amz-replication-status
COMPLETED
content-length
112
x-amz-id-2
8yPWTjP+EPODNzxcSjutt2g4oRZCbLJ40bairrvvwFVo5kMj6XTESsWEFo4MZTRfAphRptNNjSM=
last-modified
Wed, 06 Mar 2019 14:24:02 GMT
server
ATS/7.1.0
date
Thu, 08 Oct 2020 09:04:14 GMT
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=547
accept-ranges
bytes
idr.js
a.rfihub.com/ 		83 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/idr.js?_callback=window.RocketfuelBCP.jsonpCallbacks.request_cmZpSWRJbkNhY2hl
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash
0a3d76d2927065cbde21c58ca0c2c8f04d006a732d094ffd7d28c9d30728082e

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
public, max-age=33696000
Content-Type
application/javascript
Server
Jetty(9.0.6.v20130930)
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
83
Expires
Tue, 02 Nov 2021 09:04:14 GMT
Cookie set ca.html
20817756p.rfihub.com/ Frame 953D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://20817756p.rfihub.com/ca.html?rfiidc=1041246336965256896&rfiaid=960d1fd0b3af498d90ade00b27fc3e73&ver=9&rb=38390&ca=20817756&_o=38390&_t=1&pe=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&pf=&ra=9483029528566664
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
20817756p.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
eud=H4sIAAAAAAAAAJvFyGtoZmBkaGJuYWpiaGC0Co3_Co3_C40PAI8HecpAAAAA; cmd=H4sIAAAAAAAAAONiNBTiNTQzMDI0MbcwNTGwNAcADvc7qhIAAAA; rud=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdOV4jU0MzAyNDG3MDUxtDQDAO2oeNs0AAAA; ruds=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdMFABSlrmMlAAAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdOV4jU0MzAyNDG3MDUxtDQDAO2oeNs0AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 2 Nov 2021 09:04:14 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAAJvFyGtoZmBkaGJuYWpibGi2Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4RuPjOaeSyo_Fto_E2saOZzo_kPjb9IGJX_CI0PAFaPGz5QAQAA; Path=/; Domain=.rfihub.com; Expires=Tue, 2 Nov 2021 09:04:14 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdMFABSlrmMlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control
no-cache
Content-Type
text/html
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)
cookiematch.aspx
ck.solocpm.com/rtb/google/ Frame 1B07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=mainad_comunicacoes_ltda&google_ula=1060335013&google_cm&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&paget...
  • https://ck.solocpm.com/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAES...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ck.solocpm.com/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAESEAGnw_PO7DoLUoTg6OJOqtI&google_cver=1&google_ula=1060335013,0
Requested by
Host: cdn.mndtrk.com
URL: https://cdn.mndtrk.com/aud/clientjs/835.js?&t=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:786b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
ck.solocpm.com
:scheme
https
:path
/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAESEAGnw_PO7DoLUoTg6OJOqtI&google_cver=1&google_ula=1060335013,0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM

Response headers

status
200
date
Thu, 08 Oct 2020 09:04:14 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d707a00bcb83afc8369148ddb079a41bf1602147854; expires=Sat, 07-Nov-20 09:04:14 GMT; path=/; domain=.solocpm.com; HttpOnly; SameSite=Lax
cache-control
private
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" policyref="http://cdn.solocpm.com/rtgstat/w3c/p3p.xml"
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
via
1.1 google
cf-cache-status
DYNAMIC
cf-request-id
05a90d3fd500002b89cca55200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5deeb17958e22b89-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ck.solocpm.com/rtb/google/cookiematch.aspx?id=mainad_comunicacoes_ltda&cok15=&cnty15=&ProgramName=Medlife_IN&AudienceId=835&CampaignId=0&Referrer=%24pdt_url%24&pagetype=home&google_gid=CAESEAGnw_PO7DoLUoTg6OJOqtI&google_cver=1&google_ula=1060335013,0
date
Thu, 08 Oct 2020 09:04:14 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
495
x-xss-protection
0
alt-svc
h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
f.php
my.rtmarks.net/ Frame 8BDC 		0
0
Serving
bs.serving-sys.com/ 		326 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073742998&dispType=js&sync=0&sessionid=3070957554511811643&pageurl=$$https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM$$&activityValues=$$Session%3D3059393993047931617$$&ns=0&rnd=19424338943619368
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073742998
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
82.199.68.73 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c8a7d72d14b1efdfa80ed61a7dd1c4d2ffbcfef5f491d44fed684a28ff2588cb

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Oct 2020 09:04:14 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Content-Type
text/html; charset=UTF-8
Content-Length
253
Expires
Sun, 05-Jun-2005 22:00:00 GMT
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=214791212924292&ev=Microdata&dl=https%3A%2F%2Fwww.medlife.com%2Fcollaflex%2Foffer%2FTG00469A%3Fis_retargeting%3Dtrue%26utm_source%3DCRM%26shortlink%3D90891a99%26utm_campaign%3DCollaflex-24JULY%26utm_medium%3DNotif%26c%3DJackpot-19JULY%26pid%3DCRM&rl=&if=false&ts=1602147854421&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife%22%2C%22meta%3Adescription%22%3A%22collaflex%20products%3A%20Buy%20wide%20range%20of%20collaflex%20products%20online%20at%20best%20prices%20online%20in%20India%20at%20Medlife.%20Shop%20now!%22%2C%22meta%3Akeywords%22%3A%22collaflex%2C%20health%20care%2C%20products%2C%20online%2C%20Medlife%2C%20India%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22collaflex%20-%20Buy%20collaflex%20Products%20Online%20%26%20Get%20Best%20Offers%20-%20Medlife%22%2C%22og%3Asite_name%22%3A%22medlife.com%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.medlife.com%2Fimages%2Fog-image.png%22%2C%22og%3Adescription%22%3A%22collaflex%20products%3A%20Buy%20wide%20range%20of%20collaflex%20products%20online%20at%20best%20prices%20online%20in%20India%20at%20Medlife.%20Shop%20now!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebSite%22%2C%22url%22%3A%22https%3A%2F%2Fwww.medlife.com%2F%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.medlife.com%2FMedicineSearch%3Fq%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602147853917.2001935392&it=1602147853845&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 08 Oct 2020 09:04:14 GMT
COLLAPS05A.jpg
cdn.medlife.com/productImages/COLLAPS05A/ 		108 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.medlife.com/productImages/COLLAPS05A/COLLAPS05A.jpg?id=2020-08-10T08:01:49.193000+00:00
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-27.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e0cb44c80d9e64ee2e9b1a494a8ce638549bce3413951d9cb0d099a9ba70033

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:15 GMT
via
1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)
last-modified
Wed, 18 Mar 2020 08:22:08 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"5af432391b99d87cf25da6812b1f36c3"
x-cache
Miss from cloudfront
x-amz-version-id
null
status
200
accept-ranges
bytes
content-type
image/jpeg
content-length
110815
x-amz-cf-id
wsMIm-w5f6FAfQWFlP_wwLIRZASuByRMloxISnGNB-UKQRU7VJU37g==
1.png
cdn.medlife.com/productImages/COLLACS05A/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.medlife.com/productImages/COLLACS05A/1.png?id=2020-08-10T08:01:33.826000+00:00
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-27.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fb4766b1b15956c1e266dcae33bc0999b25104a0d558be07c8e161783174bb8

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:16 GMT
via
1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jul 2020 06:44:36 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"95e96f68c07d67e7b3ce197fca31ac88"
x-cache
Miss from cloudfront
x-amz-version-id
0HFg7XJwgLjdSBsfPGktWziqpI40CBlP
status
200
accept-ranges
bytes
content-type
image/png
content-length
141313
x-amz-cf-id
xIC6zaGiNfk75vj0X5FTfbfz1-VSOEH2ceJ1p0QvWxHNU5r9zwNw2A==
Webp.net-resizeimage%20(6).png
cdn.medlife.com/productImages/COLLAPS04A/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.medlife.com/productImages/COLLAPS04A/Webp.net-resizeimage%20(6).png?id=2020-08-10T08:01:19.976000+00:00
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-243-27.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06e90f6fb76086a23a4fd63fcc4dd14584565455184cabbf5cc7cd2747caed7f

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:15 GMT
via
1.1 db5fd46eeb9457ed138e2c8651664df5.cloudfront.net (CloudFront)
last-modified
Wed, 27 May 2020 09:14:36 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"d36fb20691870d01ea41959bd911f297"
x-cache
Miss from cloudfront
x-amz-version-id
U9M_QVnGf74hhUV1ppW0tBU50zU65Lon
status
200
accept-ranges
bytes
content-type
image/png
content-length
67797
x-amz-cf-id
iAMN0yoJIyA82gTdMwYlM6_pNutbDrrTzaQ09Ia855tlZTBfa9KXSw==
truncated
/ 		457 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c772e31c3eba4215bb73ceede2d626f9bb3c684999a433358722e80663c0ef7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		340 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3266fb85a2d40feceb43704696ee6a51b338da86e10effbb3b6f2d898d1b5e7b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fChc4AMP6lbBP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medlife.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 01:20:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:45 GMT
server
sffe
age
200625
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
expires
Wed, 06 Oct 2021 01:20:29 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.medlife.com
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 06 Oct 2020 17:26:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:46 GMT
server
sffe
age
142678
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8024
x-xss-protection
0
expires
Wed, 06 Oct 2021 17:26:16 GMT
l4.jpg
c.webengage.com/ 		43 B
398 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/l4.jpg
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.30.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-30-132.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
x-content-type-options
nosniff
status
200
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
access-control-allow-headers
X-Requested-With,content-type
x-xss-protection
1; mode=block
l4.jpg
c.webengage.com/ 		43 B
398 B 		Other
General
Check archive.org
Download Go to
Full URL
https://c.webengage.com/l4.jpg
Requested by
Host: ssl.widgets.webengage.com
URL: https://ssl.widgets.webengage.com/js/webengage-min-v-6.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.30.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-30-132.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
x-content-type-options
nosniff
status
200
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
access-control-allow-headers
X-Requested-With,content-type
x-xss-protection
1; mode=block
List
rest-lang-service.medlife.com/api/v1/lang-service/ListApis/ 		106 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rest-lang-service.medlife.com/api/v1/lang-service/ListApis/List
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.234.2.118 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-234-2-118.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
6cce75a4dc1871940cb1d172931441d37e2d35d6cddeb39e4582207443d350c3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 08 Oct 2020 09:04:15 GMT
access-control-allow-origin
*
x-powered-by
Express
etag
W/"6a-A+LOFGyUa1oRfChdXw72kQemsj4"
content-length
106
content-type
application/json; charset=utf-8
insidePages.css
www.medlife.com/static/css/ 		305 KB
306 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/static/css/insidePages.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/fpr97dvYZF3wA30OfzMy7/pages/_app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d5d60bad1c28ee0694499334c6e42fc8b146a9f6ce17671a6e6640cbe4639cec

Request headers

Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
last-modified
Tue, 06 Oct 2020 15:26:23 GMT
x-powered-by
Express
etag
W/"4c413-174fe854d18"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
312339
expires
Fri, 09 Oct 2020 09:04:14 GMT
bootstrap.min.css
www.medlife.com/static/thirdpartycss/bootstrap/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.medlife.com/static/thirdpartycss/bootstrap/bootstrap.min.css
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/static/css/insidePages.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.64.228 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-64-228.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://www.medlife.com/static/css/insidePages.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 09:04:14 GMT
last-modified
Tue, 06 Oct 2020 15:26:15 GMT
x-powered-by
Express
etag
W/"2606e-174fe852dd8"
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
155758
expires
Fri, 09 Oct 2020 09:04:14 GMT
JSON
rest-lang-service.medlife.com/api/v1/lang-service/JSONApis/ 		85 KB
85 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rest-lang-service.medlife.com/api/v1/lang-service/JSONApis/JSON?lang=en
Requested by
Host: www.medlife.com
URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.234.2.118 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-234-2-118.ap-south-1.compute.amazonaws.com
Software
/ Express
Resource Hash
d6dbc88d19735179a4f5f64e5796204a516260fabd7e848cc3a83d6965ddd168

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 08 Oct 2020 09:04:15 GMT
access-control-allow-origin
*
x-powered-by
Express
etag
W/"154c0-mjkQ8lG45TNjSfHdbNjpmeHDSsg"
content-length
87232
content-type
application/json; charset=utf-8
Cookie set pstats.html
a.rfihub.com/ Frame FF9D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.rfihub.com/pstats.html?rb=38390&ca=20817756&ri=155d21abd6e937430b408b13ae6fe514&rfiidc=1041246336965256896&rfiaid=960d1fd0b3af498d90ade00b27fc3e73&stats=%7B%2213488%22%3A%2252%2C1%22%2C%2217243%22%3A%2285%2C1%22%2C%2231937%22%3A%22280%2C1%22%2C%2240977%22%3A%22215%2C1%22%2C%2250495%22%3A%221552%2C1%22%2C%2251433%22%3A%2233%2C2%22%2C%2252220%22%3A%22252%2C1%22%2C%2253707%22%3A%22123%2C1%22%2C%2253935%22%3A%22191%2C1%22%2C%2254497%22%3A%22163%2C1%22%2C%2254651%22%3A%22200%2C2%22%2C%2254863%22%3A%22367%2C1%22%2C%2255065%22%3A%22142%2C1%22%2C%2255073%22%3A%2292%2C1%22%2C%2256659%22%3A%22249%2C1%22%2C%2256885%22%3A%22364%2C2%22%2C%2257347%22%3A%22223%2C2%22%2C%2257363%22%3A%22464%2C1%22%2C%2257895%22%3A%22279%2C1%22%2C%2258143%22%3A%22295%2C1%22%2C%2258553%22%3A%221121%2C1%22%2C%2258561%22%3A%22844%2C2%22%7D&ra=3533321778650953
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
185.31.128.128 , Netherlands, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.0.6.v20130930) /
Resource Hash

Request headers

Host
a.rfihub.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.medlife.com/collaflex/offer/TG00469A?is_retargeting=true&utm_source=CRM&shortlink=90891a99&utm_campaign=Collaflex-24JULY&utm_medium=Notif&c=Jackpot-19JULY&pid=CRM

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdOV4jU0MzAyNDG3MDcxMjEFACNqWY80AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 2 Nov 2021 09:04:34 GMT; Secure; SameSite=None eud=H4sIAAAAAAAAALvEymtoZmBkaGJuYW5iZGL2C40_iw2VvwqNfwiNfwqNfwmNfwuN_wiNP4kdlb8IjX8Ljd_EgeYebjR5HjT3C6PyAaR6I80AAQAA; Path=/; Domain=.rfihub.com; Expires=Tue, 2 Nov 2021 09:04:34 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjQwMTQyMTM2NrM0MzUyNbOwNBPiM9QtcCrNN8-sMDN3MdMFABSlrmMlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Content-Type
text/html; charset=ISO-8859-1
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Transfer-Encoding
chunked
Server
Jetty(9.0.6.v20130930)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.rtmarks.net
URL
https://my.rtmarks.net/f.php?f=sync&lr=1&partners=211x46c555d482fcf532dd6e266ca1fbcff2bbaae5528931d78ef71bcde52adc

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| webpackJsonp object| regeneratorRuntime object| __core-js_shared__ object| __NEXT_DATA__ object| __NEXT_P object| next function| _ function| __NEXT_PRELOADREADY object| __SENTRY__ function| logOtherPageEvents object| __NEXT_REDUX_STORE__ string| GoogleAnalyticsObject function| ga object| clevertap function| fbq function| _fbq function| gtag object| dataLayer object| webengage string| shopURL object| digitalData object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| _weq object| gtmCookies function| gtmParseQueryString object| gtmClientDataLayer function| gtmNoop function| gtmCheckIfValidUrlAsync function| gtmWaitForElementToDisplay undefined| gtmFindObjectByIdInObjectArray function| gtmCaesarCipher function| gtmSerializeJsonToQueryString object| gtmPageElementTaskList object| regexCookieExpiryArray function| gtmExtractLocalStorageInformationToGoogle function| gtmLogInformationToDynamoDB function| gtmFindObjectByKeyInObjectArray undefined| gtmCurrentPageUrl function| gtmDetectCurrentPage object| uetq object| criteo_q function| qp function| aagwaitForElementToDisplay function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| PhonePe object| Base64 function| UET object| wizrocket object| $WZRK_WR object| $CLTP_WR object| qevents object| versaTagObj function| _rfi object| rtgsettings function| diff_hours function| chkses function| chk function| CDV function| CIF function| CST function| CIG function| ToLowerItem function| stripHTML function| getParm function| TrafficCalculator function| CAU function| checkDuplicateScript string| tok string| p1 string| c object| messageMap object| webengage_fs_configurationMap object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData function| extend function| RocketfuelBCPInclude function| RocketfuelBCPClass function| RocketfuelUtils object| RocketfuelBCP function| Audience function| FDV function| CUDV function| urlcheck function| lengthcheck object| data_835 string| ptclString undefined| oneTagObj object| bsResponseObj

0 Cookies

8 Console Messages

Source Level URL
Text
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
======= [object Object]
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
click stream version: 1.0.54
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
click stream configured endpoint: https://rest.medlife.com/data/clickstream/v1/events
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
[object Object]
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
uuid [object Object]
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
[object Object]
console-api log URL: https://www.medlife.com/_next/static/chunks/commons.8b38f4fbe1bc4cdc25a0.js(Line 1)
Message:
starting click-stream --->
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: '{ "@context": "http://schema.org", "@type": "Organization", "location": { "@type": "Place", "address": "Vaswani Centropolis, 5th & 6th Floor, Langford Rd, Bheemanna Garden, Shanti Nagar, Bengaluru, Karnataka 560027, India" }, "name": "Medlife", "description": "Online medicine shopping - Home delivery of 100% authentic medicines from India's largest online pharmacy store with over 5 million trusted users. Buy and pay on delivery!", "logo": "url of the logo", "url": "https://www.medlife.com", }'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20801288p.rfihub.com
20817756p.rfihub.com
9217966.fls.doubleclick.net
a.quora.com
a.rfihub.com
api-gateway.medlife.com
bat.bing.com
bs.serving-sys.com
c.webengage.com
c1.rfihub.net
cdn.medlife.com
cdn.mndtrk.com
cdnjs.cloudflare.com
ck.solocpm.com
cm.g.doubleclick.net
connect.facebook.net
d2r1yp2w7bby2u.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
medlife-app.onelink.me
my.rtmarks.net
pixel.rubiconproject.com
q.quora.com
rest-lang-service.medlife.com
rest.medlife.com
secure-ds.serving-sys.com
secure.adnxs.com
ssl.widgets.webengage.com
sslwidget.criteo.com
static.criteo.net
u13717896.ct.sendgrid.net
widget.as.criteo.com
wizrocketmail.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mainadv.com
www.medlife.com
wzrkt.com
zc2ab281a.webengage.co
my.rtmarks.net
104.103.78.138
13.126.167.43
13.234.2.118
142.250.74.194
143.204.201.101
15.207.64.228
151.101.113.2
167.89.123.16
178.250.2.151
182.161.73.211
184.31.90.174
185.31.128.128
185.33.221.91
216.58.207.70
216.58.212.162
2600:9000:203c:600:8:cf94:88c0:93a1
2606:4700:10::6814:786b
2606:4700:3030::681f:5dcb
2606:4700:3031::681b:9c5e
2606:4700::6811:4f6b
2606:4700::6812:1c93
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:815::2003
2a00:1450:4001:816::2008
2a00:1450:4001:81b::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::200e
2a02:2638:1::13
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.217.219.88
52.19.89.221
52.49.224.198
52.72.30.132
52.84.112.121
69.173.144.165
82.199.68.73
99.86.243.27
99.86.7.16
06e90f6fb76086a23a4fd63fcc4dd14584565455184cabbf5cc7cd2747caed7f
09f8ca5a34c9efab005ce918736bd8a28f12fc5f7b4004b9889ec56c4abff751
0a3d76d2927065cbde21c58ca0c2c8f04d006a732d094ffd7d28c9d30728082e
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18626b1bd3b134f0c74144a79889e62f5833d33f66daa33211ff27d4131c85c8
1d3f6e44e4fad7b136db04b4c6ec40e3d6349cd57a7eec5db8671c59d5d0df32
1dc38bddd48079151f93f401f913746694cd3b2d13e93f840684cae73c371462
1fa65c2738359acb2cb648317887c793b080c5185cae8f8dd3d4ec6bd423521d
206967ee0e1310dd759baec45180512142797cd8b4e24d1e3de7f38aaec0f071
20cf6156b68f0c1fe2463a96a772dbd5b12ee297444c6e67cdc113d7b9eee205
245e0bd9c5a93f34cc25a5742ea0d0dfe139d9fed4bda9a4ad13e6057da22072
288817a9c8ebd569a893948377d7a13781e670f506d473e386dc6180a91bcef5
29e673bb26f5f134b4d785ddaf705f0bb73cbf731780981f006bfab311acec53
3266fb85a2d40feceb43704696ee6a51b338da86e10effbb3b6f2d898d1b5e7b
348e5d4fd463363ed3148b27ecb0ce280dae231c786737a744ec4525b25deff1
38a4a0616eec7a64dc1b6a5c034eab3d054af0bd040c1c0d41df6435e905499a
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
3ca7d48017aea03b1f6b984584f5956140842cfdc329db1de675afb26c727cb9
3cb5162e19d9c6ecb634881fc079ab3aa8e9855a7bc164a830730a752a73e440
40aadcf9c0fdbf0d8d99b14e085bac2592593db89d9651ff1432b72c6605afec
4cc0f8168a59e83fb0f281e23010a66cd46eca436b4fa9c46ee678d322773021
5076bd7c5c84d0b533c19313a1ef4c0e6e4ba41b22f87b4ed7dcd0caea8947c7
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5904ebc9a724849b3c14455781910b67d26375578d3587392cd80d652e9cb7c2
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
613e0d411dc9a05612ac18c3ec535f4072f8b3f056cd6a35e425cb50a69d8261
672417e850f8ecb8b697727364dd81626fa5bb6bf482d2776473ceb869712027
6cce75a4dc1871940cb1d172931441d37e2d35d6cddeb39e4582207443d350c3
71745195edaa2e30e7efde50d1f4e2de7b49e72922cc9be7940a72f2ee14cfaa
748cec179478c92b4207f33336739486c1b138a6aa6127529f56b3485628265b
790e457b8c9857ea95b1410427e12bc0d3955c91686f3c5505b237d67aae174d
7977945a656e6c2cd5fa1a55ad8147edb0b7066cdce40a8114d0d4ea11ca7824
7ab964cdcec59ec48bdf4f2a307566e01af39d23c679e1a43156d870538e0e69
7c18413a26660b912396ec57020f7f4a2e99d5001f91efd326356062ca16c227
82bf5a855aaf5f66dd8362818f26829c10377b01801ce1769a4882dd90a9a151
83821ec59bb7204e45dc9a875b84bf043ff4c39e061b2d55da43758dcd88c5fc
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
8fb4766b1b15956c1e266dcae33bc0999b25104a0d558be07c8e161783174bb8
9e0cb44c80d9e64ee2e9b1a494a8ce638549bce3413951d9cb0d099a9ba70033
ab73af037e38c49d28c2acf00a8bc199a4ac06255af523a1d17ef5df6e0b2522
ac4f45c63e7192b1c9fb64be19be7a03084e16dc33b4dcfedabb44cb390c25a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb81456aba38a795598d515622335ecc6790a9fe22428c73f50bb2adf70a8b19
c772e31c3eba4215bb73ceede2d626f9bb3c684999a433358722e80663c0ef7b
c8a7d72d14b1efdfa80ed61a7dd1c4d2ffbcfef5f491d44fed684a28ff2588cb
cb2bb21705b9cce9781d02c9223f3344a65bd5314027d11c5a8518ad4bd84e84
cb5ac4ccb7cc3c6b05fffc14ccc58785339a41a110c2efdc15bcd403ddf057f1
cd8c08a3770800c33b33ff489691deaad11b4860fd32b7fd0df42b51011b253e
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d5d60bad1c28ee0694499334c6e42fc8b146a9f6ce17671a6e6640cbe4639cec
d6dbc88d19735179a4f5f64e5796204a516260fabd7e848cc3a83d6965ddd168
d859a4dd217c69f291adef445e1c3a938ef7d850af3ba0f79f8ae081cda89e12
e102099574ea610bb2f5bc4fc1f57790ece5b2d1a2eb2e94914de078a1ae93cf
e1a1619d31a46994c7cb92ac8d8991915c99fbb862912b4ea244ca7b957da324
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb847bfe8e01d5c511d2cb132c0febd15419ce5947c4a1290f14c2799536bfbc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6de6beb1cf5bf809eccfe10f99aea0e0969c71d4eab5446410fef72695679f
f36d71c69bcec4ce625d2923d36a4b1f64bbc2e5691c99cf8a4f3b0f79d1edb4
f68e04d660d1aad4ee013a7a9553d61154e4d5da634862e507887dce48e43e4e