bg.medicineofme.com Open in urlscan Pro
2606:4700:3032::ac43:9ddb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.medicineofme.com/
Submission: On August 21 via manual (August 21st 2022, 4:29:51 pm UTC) from BG — Scanned from DE

Summary HTTP 41 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3032::ac43:9ddb, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.medicineofme.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time bg.medicineofme.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3032::ac43:9ddb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.15.53 18.66.15.53	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2600:9000:206... 2600:9000:206f:a400:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225e:800:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
3	99.86.4.115 99.86.4.115	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2606:4700:303... 2606:4700:3037::6815:e35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
41	14

7 2606:4700:3032::ac43:9ddb (United States)

ASN13335 (CLOUDFLARENET, US)

bg.medicineofme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.medicineofme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
medicineofme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-53.vie50.r.cloudfront.net

www.statsforads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-115.fra6.r.cloudfront.net

optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:e35 (United States)

ASN13335 (CLOUDFLARENET, US)

medicineofme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

img.medicineh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	gstatic.com fonts.gstatic.com	114 KB
8	medicineofme.com bg.medicineofme.com img.medicineofme.com medicineofme.com	364 KB
7	medicineh.com img.medicineh.com	599 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	2 KB
3	consensu.org optad360.mgr.consensu.org — Cisco Umbrella Rank: 117575	241 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	132 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3880	71 KB
2	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 47240 get.optad360.io — Cisco Umbrella Rank: 27697	74 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	2 KB
1	statsforads.com www.statsforads.com — Cisco Umbrella Rank: 122443	6 KB
0	Failed function sub() { [native code] }. Failed
41	13

	Domain	Requested by
8	fonts.gstatic.com	fonts.googleapis.com
7	img.medicineh.com	bg.medicineofme.com
5	mc.yandex.com	2 redirects bg.medicineofme.com
5	medicineofme.com	bg.medicineofme.com medicineofme.com
3	optad360.mgr.consensu.org	cmp.optad360.io optad360.mgr.consensu.org
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	mc.yandex.ru	1 redirects bg.medicineofme.com
2	img.medicineofme.com	bg.medicineofme.com optad360.mgr.consensu.org
1	www.googletagservices.com	get.optad360.io
1	get.optad360.io	bg.medicineofme.com
1	fonts.googleapis.com	bg.medicineofme.com
1	cmp.optad360.io	bg.medicineofme.com
1	cdn.jsdelivr.net	bg.medicineofme.com
1	www.statsforads.com	bg.medicineofme.com
1	bg.medicineofme.com
0	wp-content Failed	medicineofme.com
41	16

This site contains links to these domains. Also see Links.

Domain
te.medicineofme.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
statsforads.com Amazon	`2021-10-18` - `2022-11-16`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
optad360.mgr.consensu.org Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bg.medicineofme.com/
Frame ID: 0C6005C7295E806E49E0024217857779
Requests: 38 HTTP requests in this frame

Frame: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Frame ID: 22EBD5AB39789BD80CB4B7F38D74625D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

У дома 2022 | bg.medicineofme.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

41
Requests

88 %
HTTPS

77 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1631 kB
Transfer

4472 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://te.medicineofme.com/
Title: bg.medicineofme.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.a6E88BNsHnW8AkpIuURnCKJbbmoRJZbAfm0X40ufaV89JiClSNXVbcOaIYyjqCii.-XIaudlUxQdKzLAfss5i5N44LgM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9737.oiolMxfiakpAYwvtgFGXO_ILvNSWDaukhvXEhLeEw3gk8cDnS7YphPduI3GjhjFPeJREG1fJGG1CtXAX430sjQ%2C%2C.I70oqnZsPBDOzklwbuhRp6o7BAc%2C

Request Chain 39

https://mc.yandex.com/watch/52577737?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A349098130364%3Ahid%3A178811239%3Az%3A0%3Ai%3A20220821162946%3Aet%3A1661099387%3Ac%3A1%3Arn%3A969218044%3Arqn%3A1%3Au%3A1661099387118695657%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099385817%3Ads%3A16%2C71%2C87%2C33%2C0%2C0%2C%2C627%2C42%2C%2C%2C%2C841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661099387%3At%3A%D0%A3%20%D0%B4%D0%BE%D0%BC%D0%B0%202022%20%7C%20bg.medicineofme.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/52577737/1?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A349098130364%3Ahid%3A178811239%3Az%3A0%3Ai%3A20220821162946%3Aet%3A1661099387%3Ac%3A1%3Arn%3A969218044%3Arqn%3A1%3Au%3A1661099387118695657%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099385817%3Ads%3A16%2C71%2C87%2C33%2C0%2C0%2C%2C627%2C42%2C%2C%2C%2C841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661099387%3At%3A%D0%A3%20%D0%B4%D0%BE%D0%BC%D0%B0%202022%20%7C%20bg.medicineofme.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bg.medicineofme.com/ 50 KB
8 KB 174ms
87ms Document
text/html 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.9
Resource Hash: 1ddb46ef2bac66c7d52d404fc5d08037f4191e7825db4c47fc43313fda910532

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 73e4bfd9fe733763-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 16:29:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 22 Aug 2022 16:29:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wY9rjF3oEyfjXWEsWrgtGmXc7cZ5E5EEtabQw0GmoQ2l6mf16aVle2I5CMt2lKYehdjy%2Bops9Shgsn%2BdS6GBCnmip6vDsvoBXOqkCJCdRRxQckdUZzjUjHP53Ecps1jbLk0TcvsYw7ap58Ga8WL15Zef"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.1.9

GET
H2 200 180427526.min.js Show response
www.statsforads.com/tag/ 19 KB
6 KB 148ms
42ms Script
application/javascript 18.66.15.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statsforads.com/tag/180427526.min.js
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-53.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3125a0924cc53ccd18d9fa81ad1596bc07e03423f4b5df4e6ab2268a32da7ebf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:15:06 GMT
content-encoding: gzip
last-modified: Mon, 25 Mar 2019 16:21:48 GMT
server: AmazonS3
age: 881
etag: W/"7a86304582faa7d415fa8f8b2f60071c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: dKT1vP9_SuI4nMAOJSIbpaoRNmkPBLAQf4HZcCdbw9c7tOdzoBx4Vw==

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 110ms
35ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 13102
x-jsd-version: 3.1.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1299
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
x-served-by: cache-fra19157-FRA, cache-mxp6979-MXP
x-jsd-version-type: version
date: Sun, 21 Aug 2022 16:29:46 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 8197b26b-97b6-4908-88c3-2c70b7c31b86.min.js Show response
cmp.optad360.io/items/ 253 KB
72 KB 211ms
79ms Script
application/javascript 2600:9000:206f:a400:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/8197b26b-97b6-4908-88c3-2c70b7c31b86.min.js
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7affdd7d731e0f1d2feeb2eead8219a6f53e1a2463da43a85ccec6160f656fbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:47 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 13:51:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"bdf9d7f2b21158332dff4b8dafa70b33"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: TGn_KcYHHOG7xQ2WOdzt4KKHDtiqwVV0NFs4-md9KLo3Cz1rF-uRRA==

GET
H2 200 logo.png
img.medicineofme.com/logo/ 6 KB
6 KB 58ms
40ms Image
image/png 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineofme.com/logo/logo.png
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d742537e124cc2f65ec2bbc38d483457194dea5b3793199e4d0566083df3ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5756
last-modified: Fri, 21 Feb 2020 18:38:04 GMT
server: cloudflare
etag: "167c-59f1a5269cdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWfonRwGXdpAvW05YM%2BqAEbs6xGPe4tZQxMKpDa56BR6ltKsdTibPvcfwa5oUxOGLTeAC6fO4Oulb93MOKBx4JwNO5ofHGmR3XLB8YfRcleG5ZSe5w7dh86oMIPswvZgl6q0IG8e1FqEC7RkYHPqPdyVgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdacff03763-MXP
expires: Mon, 21 Aug 2023 16:29:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 93ms
43ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Requested by

Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6f153a8653f39e37b4de72c01eab1e26bad3cba45ec63b73786cbc083d46d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 21 Aug 2022 16:29:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 21 Aug 2022 16:29:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Aug 2022 16:29:46 GMT

GET
H2 200 style.css
medicineofme.com/template/002/wp-content/cache/min/10/ 1 MB
154 KB 300ms
287ms Stylesheet
text/css 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicineofme.com/template/002/wp-content/cache/min/10/style.css
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c2f083c5a5123daf2bb290698765edf33b7ad350d690559a7bdee784a95d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Feb 2020 13:43:12 GMT
server: cloudflare
etag: W/"13233c-59f3e6f99bb85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ne%2Fzf39QCdPqjd6wTnyQbhPLDvCVaaKObenBSiQxXcYPDA2MlDh8qUzpEHqsVSJ86%2BuA8R4try7GMndJQFlTO%2B9hA%2FHpeAajM6nkbw6kSEcz%2FqNLX6AK7PHz44RCDXo0Gj8IRgQQrAB0YRI36YRQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 73e4bfdad80f3763-MXP
expires: Sun, 04 Sep 2022 16:29:46 GMT

GET
H2 200 font-awesome.min.css
medicineofme.com/template/002/css/ 30 KB
7 KB 126ms
113ms Stylesheet
text/css 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicineofme.com/template/002/css/font-awesome.min.css
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ecb90a070cd3914b79097ce76d06a49176ca1da5e11ce45aec68f1ded3ab41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 26 Mar 2020 14:31:54 GMT
server: cloudflare
etag: W/"78a0-5a1c2d8ab8da2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2JM0IM7rAI%2BT9ZsY0jV0GRJH3H3JthygRXqAflp0%2F%2BNHwBdNHg41iOK60RI%2FiqIQPZCHnJyWjTk0Yz2khZMjywQ7P7B%2FyLa6nTqIs1O%2BqdrgbsErKVsV08tH%2FrgtROGlphIb66rI9yBr4EI1nb6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 73e4bfdad8113763-MXP
expires: Sun, 04 Sep 2022 16:29:46 GMT

GET
H2 200 jquery.js Show response
medicineofme.com/template/002/wp-includes/js/jquery/ 95 KB
34 KB 150ms
138ms Script
application/javascript 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicineofme.com/template/002/wp-includes/js/jquery/jquery.js
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Feb 2020 13:42:47 GMT
server: cloudflare
etag: W/"17b5c-59f3e6e1e4d5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejjj7hy7zoFCmIEffd1MdMwEM7%2BIKZU4FYt5ZyY6Z6eIsSu6MTjCKu0T5r%2FZY8VvXnrS6Pd%2Bv1C7jdWQ8cpuMpgu%2Be5qudQW6CqvpHPdADJWoJ5vWUoLBwXm%2Fl4jLu3bYiUtls84h9AUJox3XZGc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 73e4bfdad8123763-MXP
expires: Sun, 04 Sep 2022 16:29:46 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/d9da4e56-5148-11e9-90af-02b353d38134/ 5 KB
2 KB 100ms
27ms Script
application/javascript 2600:9000:225e:800:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/d9da4e56-5148-11e9-90af-02b353d38134/plugin.min.js
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a553ffa6ee449f19b9bb34891e172227f31aef1c6264a4a6becc9c3adf0deb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:34 GMT
content-encoding: gzip
last-modified: Thu, 28 Mar 2019 11:05:25 GMT
server: AmazonS3
age: 13
etag: W/"56b2b920fa86b5ef00ec7a8576d4f630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: DV2c0DhvTBqzTtdoeIdTOpp4-Qyw1icNl-fbpoFQuFKzmYL3IrodKg==

GET
H2 200 06e2b2d4fd358bf48e32e7e5445b2c04.js Show response
medicineofme.com/template/002/wp-content/cache/min/10/ 245 KB
72 KB 190ms
178ms Script
application/javascript 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicineofme.com/template/002/wp-content/cache/min/10/06e2b2d4fd358bf48e32e7e5445b2c04.js
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7884dda5bcc0613481ffae0309a890f370de35966d989de897fc18a0f96dd57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 23 Feb 2020 13:43:11 GMT
server: cloudflare
etag: W/"3d3bf-59f3e6f8bc929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWR5kKjlF7PjuHtPs%2FzMOvrdvR4s%2FCr9j2PuLaJdcbNOpgVCiahNECi3tZF52mdac35E8HQHPyyJdARd5CD3Dg5h3zpd9Y8HC4iBzjg%2Bj%2Bc3FUylYcDMWM3gGJTw4tJ6aRfPx5TCQvM%2Fy2050Ksg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 73e4bfdad8153763-MXP
expires: Sun, 04 Sep 2022 16:29:46 GMT

GET
H2 200 en.json Show response
optad360.mgr.consensu.org/cmp/v2/translations/v4/ 4 KB
2 KB 181ms
58ms XHR
application/json 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/translations/v4/en.json
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/8197b26b-97b6-4908-88c3-2c70b7c31b86.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 11:15:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 12:24:15 GMT
server: AmazonS3
age: 18836
etag: W/"e3fe984dfb883f99b54c331403be617b"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=360000000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: _AWDl52HhXUeCPmgd39x0PdmPTMh6CB7jg8jQFWBIXieVupjhgqa-Q==
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 127ms
64ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 411055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:18:51 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 106ms
50ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 15 Aug 2022 17:47:57 GMT
x-content-type-options: nosniff
age: 513709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Aug 2023 17:47:57 GMT

GET fontawesome-webfont.woff2
wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 0
0

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLCwM9UvI.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 10 KB
10 KB 116ms
61ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLCwM9UvI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a5742da8af465cd67642ab12a2531408810ba9482df8c64db02fe0b5f6c3c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 19:31:46 GMT
x-content-type-options: nosniff
age: 334680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10444
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:11:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 19:31:46 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 100ms
45ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 22:27:19 GMT
x-content-type-options: nosniff
age: 410547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 22:27:19 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 429697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 17:08:09 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 107ms
57ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 14 Aug 2022 19:04:27 GMT
x-content-type-options: nosniff
age: 595519
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Aug 2023 19:04:27 GMT

GET
H2 200 ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 17 KB
17 KB 86ms
38ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVj2ZhZI2eCN5jzbjEETS9weq8-19eLDwM9.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:45:33 GMT
x-content-type-options: nosniff
age: 373453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17376
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:55:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 08:45:33 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 100ms
55ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400italic%7CRoboto+Condensed:700,400italic,400%7CNoto+Sans:400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:46:27 GMT
x-content-type-options: nosniff
age: 373399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9592
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Aug 2023 08:46:27 GMT

GET fontawesome-webfont.woff
wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 0
0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 257ms
123ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-118b8"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71864
expires: Sun, 21 Aug 2022 17:29:46 GMT

GET fontawesome-webfont.ttf
wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 0
0

GET
H3 200 fontawesome-webfont.woff2
medicineofme.com/template/002/css/ 75 KB
76 KB 252ms
134ms Font
application/octet-stream 2606:4700:3037::6815:e35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://medicineofme.com/template/002/css/fontawesome-webfont.woff2
Requested by: Host: medicineofme.com
URL: https://medicineofme.com/template/002/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:e35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://medicineofme.com/template/002/css/font-awesome.min.css
Origin: https://bg.medicineofme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Sat, 22 Feb 2020 22:14:22 GMT
server: cloudflare
etag: "12d68-59f3175d6e72d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW6GXJxCk2aR35TbiuCWkxaq32tzBWscOSe8Bl%2B6LOqudsrDLNTQEg7zUYPvWUJXc1duT8YJNA4vwQmBFral4sXTQgcZBLi%2BztOtQjwAo3LXdg%2BEY1ybYSRx6xfdwveRruLL6uvndajCleHgS7Rm"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4bfdf5bfd83af-MXP
expires: Sun, 28 Aug 2022 16:29:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 82ms
25ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/d9da4e56-5148-11e9-90af-02b353d38134/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7b3488d480a40ae648068c5c27e85a5cefcd5ebbf806dc139e54dc5031668e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28482
x-xss-protection: 0
server: sffe
etag: "1309 / 31 of 1000 / last-modified: 1660946721"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 16:29:46 GMT

GET
H2 200 cmp-3.0.0.min.js Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 22EB 691 KB
190 KB 61ms
22ms Script
application/javascript 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Requested by: Host: cmp.optad360.io
URL: https://cmp.optad360.io/items/8197b26b-97b6-4908-88c3-2c70b7c31b86.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 02:31:37 GMT
content-encoding: gzip
last-modified: Wed, 07 Apr 2021 09:53:34 GMT
server: AmazonS3
age: 50320
etag: W/"2ea07aea04f56769b6dd53f48dae904d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: DCrNxOSambwiFa5wwTZGGRlL0s70QpUwSYFHxZ687Ud-3kN5AJmjRQ==

GET
H2 200 blank.jpg
img.medicineh.com/img/img/ 148 KB
149 KB 119ms
39ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/img/blank.jpg
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae9c7075cadfe0ee7e33d2d5f16e6b8a0307ea4e67235e4fc1d7b72dab1586a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 891988
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 151314
last-modified: Fri, 21 Feb 2020 05:52:43 GMT
server: cloudflare
etag: "24f12-59f0fa1512a26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQGNVCMTrFs%2F7q0CqfAeIaT92X7DGSFeKuNYIFzpnV6713deZSn4VXzG629VHACyUnxJND9o72ADs3EZmdEueMT3VcTCYBeqUry6QfOfreoe4dh0eQeMQAv3e%2FmHqnKsuB3FrPUVJUHYokCXIAigsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf20bb23-MXP
expires: Fri, 11 Aug 2023 08:43:18 GMT

GET
H2 200 pancreatin-10-capsuledelayed-release-enteric-coated-capsuledelayed-ec..jpg
img.medicineh.com/img/drugs-medications/ 78 KB
79 KB 210ms
131ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/drugs-medications/pancreatin-10-capsuledelayed-release-enteric-coated-capsuledelayed-ec..jpg
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4836d4c4f735f42da5e463dc7ea5d497547969b914ede6c2517a861ae0ca1a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79796
last-modified: Fri, 21 Feb 2020 05:42:07 GMT
server: cloudflare
etag: "137b4-59f0f7b6d64a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frQ2roAzpzDNcMPRyN6CsKEAOHhud0LAjDBhgG66I5Egzp%2F7ZyO7FQAc3qHkw2GdxnwnZrS4k4m0jNCVa4C34gcmvsW3eLAAdLBw04oQS%2FlZaKT%2FesKvstW96Alx4ijStyqC%2FbT%2Faa9EzrfPYIrECQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf2bbb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 sertraline-hcl-24.jpg
img.medicineh.com/img/drugs-medications/ 39 KB
39 KB 178ms
99ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/drugs-medications/sertraline-hcl-24.jpg
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bf277ca18f390e22ab5fcb9c4b25cfb5c6257c7edf846e44712e906d29ee94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39672
last-modified: Fri, 21 Feb 2020 05:44:27 GMT
server: cloudflare
etag: "9af8-59f0f83c4939f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jv3Vm1wGLjnHimA%2BhT1kk30JTpx0lzZxSjgnjX45HR1ESG0Z%2F7WJ4HKga6wxWOy5UPlimf6h6Vh0JdYXf13iWV%2BmcB966ruafZ2qF2P6p2y5VmA7ApBJUFFAxt7eJ6zI6t1seWkNcgiMZnmJGQG5mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf2abb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 hydra-spray-la-spray-non-aerosol
img.medicineh.com/img/drugs-medications/ 44 KB
44 KB 177ms
99ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/drugs-medications/hydra-spray-la-spray-non-aerosol
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d087cf578e8a5c2d7999f8c09bef25a4eb00aff5a0eeb4865dc51325e0c2f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44641
last-modified: Fri, 21 Feb 2020 05:37:37 GMT
server: cloudflare
etag: "ae61-59f0f6b4fb590"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZMiFYncPxj0S1LiXVQYyJ2mXDeORnhIDIos3grlQ0fk4W7brGgTsStWmtUN00X3EKLPVkFyzfbYsDXBGmA%2BH%2FpM368muZAxmIypOZtucovfZRsr1KtPa%2FXbfjZc%2BgQ9l7yE4NPZiNw1ZFFhAaS6pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf27bb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 cant-taste-anything-check-your-nose.jpg
img.medicineh.com/img/food-recipes/ 36 KB
37 KB 181ms
103ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/food-recipes/cant-taste-anything-check-your-nose.jpg
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a3de017b8d59a5e5bf3d08a2998ddbdbdb846b84cd497948a03c6fb52f5cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37021
last-modified: Fri, 21 Feb 2020 05:49:34 GMT
server: cloudflare
etag: "909d-59f0f9609ae27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q03UDumwiZi5QJ5Q4dQvHkU7LPNvcFrBjz4bqyDp3RdvGp64%2Fzxwv1RjFG5nYBUO7kUbwhvUd2x6xHZzfRveCv65pRLbCHQD2c10IXlEBVTH156Vc1ldQMQW%2B8w7i0YZ0Y6pivWJeyK9ZfVrKII3aQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf31bb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 symbicort-hfa-aerosol-with-adapter-2.jpg
img.medicineh.com/img/drugs-medications/ 39 KB
39 KB 184ms
106ms Image
image/jpeg 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/drugs-medications/symbicort-hfa-aerosol-with-adapter-2.jpg
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82e8065d7f4c66b26875f109b8b44a137073205d3347e22dd7666839e686bdc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40028
last-modified: Fri, 21 Feb 2020 05:45:12 GMT
server: cloudflare
etag: "9c5c-59f0f8672af63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMYu6Jeh9aLYIwCkQ%2BxbHD2KOZHPBIKhXqwGMnKmPWO%2FCvcvyyBiTjuZefWhVYMj2ChF3LxhCY1ectSf7lOxRhxj0ucYD%2BlXq9FsdVOPFwLNL6vwCB5npQ16bHtCcV%2F44tDWmYQHSkS0j9geANTqfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf22bb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 zyrtec.png
img.medicineh.com/img/drugs-medications/ 212 KB
212 KB 111ms
111ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineh.com/img/drugs-medications/zyrtec.png
Requested by: Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 010842570e0ae020cff83a630c21e39282d01536d79d6e19d88a7f281e3393e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:46 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 216958
last-modified: Fri, 21 Feb 2020 05:47:36 GMT
server: cloudflare
etag: "34f7e-59f0f8effea42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1YuNFY5bSDWO5eBL4GcKFmQWOfnzMVC3adXUIDgdDy8PNgQ9DnPWeHd1JPQPgRD2iLoW61cApVDeNmZf1tDwjTplMzsgRcBpSnbVNoN8ZGEgG2F%2BEUw4KGfi26dmnRQ%2BOQDQCBoFKDHAlPnJBQ5ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfdfcf34bb23-MXP
expires: Mon, 21 Aug 2023 16:29:46 GMT

GET
H2 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 106ms
31ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 14:55:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 14:55:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 128 B
739 B 110ms
53ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.medicineofme.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

81ce264fa53cc1f0c6e5ebdc53348eeb58a5fdb892cfda456139d1acfd99c36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Sun, 21 Aug 2022 16:29:46 GMT

GET
H2 200 vendor-list.json Show response
optad360.mgr.consensu.org/cmp/v2/ Frame 22EB 373 KB
50 KB 33ms
33ms XHR
application/json 99.86.4.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360.mgr.consensu.org/cmp/v2/vendor-list.json
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-115.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 11:15:53 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 01:00:08 GMT
server: AmazonS3
age: 18834
etag: W/"d1136a4aecebab44af883071315ae35c"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=360000000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: UVP4kwuvPxecpolQob5NqnI35SLW2nQK_JNRi2dUkpzExD3Xtali5g==
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9737.a6E88BNsHnW8AkpIuURnCKJbbmoRJZbAfm0X40ufaV89JiClSNXVbcOaIYyjqCii.-XIaudlUxQdKzLAfss5i5N44LgM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9737.oiolMxfiakpAYwvtgFGXO_ILvNSWDaukhvXEhLeEw3gk8cDnS7YphPduI3GjhjFPeJREG1fJGG1CtXAX430sjQ%2C%2C.I70oqnZsPBDOzklwbuhRp6o7BAc%2C

75 B
75 B

62ms
61ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9737.oiolMxfiakpAYwvtgFGXO_ILvNSWDaukhvXEhLeEw3gk8cDnS7YphPduI3GjhjFPeJREG1fJGG1CtXAX430sjQ%2C%2C.I70oqnZsPBDOzklwbuhRp6o7BAc%2C

Requested by

Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:47 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9737.oiolMxfiakpAYwvtgFGXO_ILvNSWDaukhvXEhLeEw3gk8cDnS7YphPduI3GjhjFPeJREG1fJGG1CtXAX430sjQ%2C%2C.I70oqnZsPBDOzklwbuhRp6o7BAc%2C
date: Sun, 21 Aug 2022 16:29:47 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 logo.png
img.medicineofme.com/logo/ Frame 22EB 6 KB
6 KB 70ms
37ms Image
image/png 2606:4700:3032::ac43:9ddb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.medicineofme.com/logo/logo.png
Requested by: Host: optad360.mgr.consensu.org
URL: https://optad360.mgr.consensu.org/cmp/v2/cmp-3.0.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:9ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d742537e124cc2f65ec2bbc38d483457194dea5b3793199e4d0566083df3ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 951373
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5756
last-modified: Fri, 21 Feb 2020 18:38:04 GMT
server: cloudflare
etag: "167c-59f1a5269cdc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOhJLff2xUboBEl3lbHpZrHDbcochi1IMqFvgZLTe%2FSyb5KCn0HJNJTlJtq8cfE3GeziP7ofEJ%2FjCPzlq99k5aejJf8qkmAMhbUDBEr58RZ5IMc9uc4JD6SlUEnuAn7g80vBIzggemAFHE3b5P2thfaL5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 73e4bfe11a31bb06-MXP
expires: Thu, 10 Aug 2023 16:13:34 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 70ms
69ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: bg.medicineofme.com
URL: https://bg.medicineofme.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:29:47 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Aug 2022 17:29:47 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/52577737/
Redirect Chain

https://mc.yandex.com/watch/52577737?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/52577737/1?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Aut...

350 B
432 B

69ms
69ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/52577737/1?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A349098130364%3Ahid%3A178811239%3Az%3A0%3Ai%3A20220821162946%3Aet%3A1661099387%3Ac%3A1%3Arn%3A969218044%3Arqn%3A1%3Au%3A1661099387118695657%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099385817%3Ads%3A16%2C71%2C87%2C33%2C0%2C0%2C%2C627%2C42%2C%2C%2C%2C841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661099387%3At%3A%D0%A3%20%D0%B4%D0%BE%D0%BC%D0%B0%202022%20%7C%20bg.medicineofme.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0d846d413eae590d2fda9b9392387cf35366ea0866ed6774f88fa9266163141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.medicineofme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:29:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 16:29:47 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.medicineofme.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 16:29:47 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:29:47 GMT
last-modified: Sun, 21-Aug-2022 16:29:47 GMT
location: /watch/52577737/1?wmode=7&page-url=https%3A%2F%2Fbg.medicineofme.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A349098130364%3Ahid%3A178811239%3Az%3A0%3Ai%3A20220821162946%3Aet%3A1661099387%3Ac%3A1%3Arn%3A969218044%3Arqn%3A1%3Au%3A1661099387118695657%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099385817%3Ads%3A16%2C71%2C87%2C33%2C0%2C0%2C%2C627%2C42%2C%2C%2C%2C841%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661099387%3At%3A%D0%A3%20%D0%B4%D0%BE%D0%BC%D0%B0%202022%20%7C%20bg.medicineofme.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bg.medicineofme.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 16:29:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wp-content
URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: wp-content
URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: wp-content
URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medicineofme.com/	1970-01-20 14:10:35	Name: _ym_uid Value: 1661099387118695657
.medicineofme.com/	1970-01-20 14:10:35	Name: _ym_d Value: 1661099387
.mc.yandex.com/	1970-01-20 05:24:59	Name: sync_cookie_csrf Value: 1548727595fake
.medicineofme.com/	1970-01-20 05:26:11	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 05:24:59	Name: sync_cookie_csrf Value: 3506131247fake
.yandex.com/	1970-01-20 14:10:35	Name: yandexuid Value: 5295503771661099387
.yandex.com/	1970-01-20 14:10:35	Name: yuidss Value: 5295503771661099387
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 909340541661099387
.yandex.com/	1970-01-20 15:00:59	Name: i Value: DN2ihBl7hsoVUa+pfzZBC1XNd300eUvx6ZG7/BmLQXOpr5T8RhEn9ZmtSxFtP7tExfNQZsLi4iofNeYl7jN3A141Zek=
.yandex.com/	1970-01-20 14:10:35	Name: ymex Value: 1692635387.yrts.1661099387#1692635387.yrtsi.1661099387

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9737.oiolMxfiakpAYwvtgFGXO_ILvNSWDaukhvXEhLeEw3gk8cDnS7YphPduI3GjhjFPeJREG1fJGG1CtXAX430sjQ%2C%2C.I70oqnZsPBDOzklwbuhRp6o7BAc%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bg.medicineofme.com
cdn.jsdelivr.net
cmp.optad360.io
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
img.medicineh.com
img.medicineofme.com
mc.yandex.com
mc.yandex.ru
medicineofme.com
optad360.mgr.consensu.org
securepubads.g.doubleclick.net
wp-content
www.googletagservices.com
www.statsforads.com
wp-content
172.217.16.194
18.66.15.53
2600:9000:206f:a400:6:b871:4f00:93a1
2600:9000:225e:800:11:a4de:2580:93a1
2606:4700:3032::ac43:9ddb
2606:4700:3037::6815:e35
2a00:1450:4001:80e::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a02:6b8::1:119
2a04:4e42:200::485
2a06:98c1:3120::c
99.86.4.115
010842570e0ae020cff83a630c21e39282d01536d79d6e19d88a7f281e3393e8
0d846d413eae590d2fda9b9392387cf35366ea0866ed6774f88fa9266163141f
1ddb46ef2bac66c7d52d404fc5d08037f4191e7825db4c47fc43313fda910532
2a5742da8af465cd67642ab12a2531408810ba9482df8c64db02fe0b5f6c3c86
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d087cf578e8a5c2d7999f8c09bef25a4eb00aff5a0eeb4865dc51325e0c2f73
3125a0924cc53ccd18d9fa81ad1596bc07e03423f4b5df4e6ab2268a32da7ebf
3ab6d5bddb52a980ebe7658cca937e1ce087c1478cbeb13715876e463b2dd7f3
4836d4c4f735f42da5e463dc7ea5d497547969b914ede6c2517a861ae0ca1a10
4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
68ecb90a070cd3914b79097ce76d06a49176ca1da5e11ce45aec68f1ded3ab41
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6d742537e124cc2f65ec2bbc38d483457194dea5b3793199e4d0566083df3ec4
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
71f69541ed2861a7065f461bf9748bb263e0f8d517d0987c6619241d9d13597d
7884dda5bcc0613481ffae0309a890f370de35966d989de897fc18a0f96dd57c
7affdd7d731e0f1d2feeb2eead8219a6f53e1a2463da43a85ccec6160f656fbf
81ce264fa53cc1f0c6e5ebdc53348eeb58a5fdb892cfda456139d1acfd99c36b
82e8065d7f4c66b26875f109b8b44a137073205d3347e22dd7666839e686bdc3
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
86af650ed3452c03477e710c3d6f094d1198340d6111c0ebd73fefea6b92136c
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9a553ffa6ee449f19b9bb34891e172227f31aef1c6264a4a6becc9c3adf0deb5
9ae9c7075cadfe0ee7e33d2d5f16e6b8a0307ea4e67235e4fc1d7b72dab1586a
9bf277ca18f390e22ab5fcb9c4b25cfb5c6257c7edf846e44712e906d29ee94e
9c2f083c5a5123daf2bb290698765edf33b7ad350d690559a7bdee784a95d6be
a8a3de017b8d59a5e5bf3d08a2998ddbdbdb846b84cd497948a03c6fb52f5cb3
aa560664a187ea3dc996eb43ce2b3cf9f32a04ebd4e5f41f0b626a094484ba39
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
bb7b3488d480a40ae648068c5c27e85a5cefcd5ebbf806dc139e54dc5031668e
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c6f153a8653f39e37b4de72c01eab1e26bad3cba45ec63b73786cbc083d46d0e
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
eb16304c17c120cabd2bc9ba56114d31bb2c05114e17c531bcf21a682f8629d2

bg.medicineofme.com Open in urlscan Pro 2606:4700:3032::ac43:9ddb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

41 Requests

88 %HTTPS

77 %IPv6

13 Domains

16 Subdomains

14 IPs

3 Countries

1631 kBTransfer

4472 kBSize

10 Cookies

1 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.medicineofme.com Open in urlscan Pro
2606:4700:3032::ac43:9ddb Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

88 %
HTTPS

77 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

1631 kB
Transfer

4472 kB
Size

10
Cookies

41 HTTP transactions
0 data transactions