cffr01.ourmd.store Open in urlscan Pro
2606:4700:3036::ac43:c92e Public Scan

URL: https://www.webmd.com/a-to-z-guides/health-topics
Title: View All

URL: https://www.webmd.com/add-adhd/default.htm
Title: ADD/ADHD

URL: https://www.webmd.com/allergies/default.htm
Title: Allergies

URL: https://www.webmd.com/arthritis/default.htm
Title: Arthritis

URL: https://www.webmd.com/heart-disease/atrial-fibrillation/default.htm
Title: Atrial fibrillation

URL: https://www.webmd.com/breast-cancer/default.htm
Title: Breast Cancer

URL: https://www.webmd.com/cancer/default.htm
Title: Cancer

URL: https://www.webmd.com/ibd-crohns-disease/crohns-disease/default.htm
Title: Crohn's Disease

URL: https://www.webmd.com/depression/default.htm
Title: Depression

URL: https://www.webmd.com/diabetes/default.htm
Title: Diabetes

URL: https://www.webmd.com/dvt/default.htm
Title: DVT

URL: https://www.webmd.com/skin-problems-and-treatments/eczema/default.htm
Title: Eczema

URL: https://www.webmd.com/eye-health/default.htm
Title: Eye Health

URL: https://www.webmd.com/heart-disease/default.htm
Title: Heart Disease

URL: https://www.webmd.com/hiv-aids/default.htm
Title: HIV & AIDS

URL: https://www.webmd.com/lung/default.htm
Title: Lung Disease

URL: https://www.webmd.com/lupus/default.htm
Title: Lupus

URL: https://www.webmd.com/mental-health/default.htm
Title: Mental Health

URL: https://www.webmd.com/multiple-sclerosis/default.htm
Title: Multiple Sclerosis

URL: https://www.webmd.com/migraines-headaches/default.htm
Title: Migraine

URL: https://www.webmd.com/pain-management/default.htm
Title: Pain Management

URL: https://www.webmd.com/skin-problems-and-treatments/psoriasis/default.htm
Title: Psoriasis

URL: https://www.webmd.com/arthritis/psoriatic-arthritis/default.htm
Title: Psoriatic Arthritis

URL: https://www.webmd.com/rheumatoid-arthritis/default.htm
Title: Rheumatoid Arthritis

URL: https://www.webmd.com/sexual-conditions/default.htm
Title: Sexual Conditions

URL: https://www.webmd.com/skin-problems-and-treatments/default.htm
Title: Skin Problems

URL: https://www.webmd.com/sleep-disorders/default.htm
Title: Sleep Disorders

URL: https://www.webmd.com/ibd-crohns-disease/ulcerative-colitis/default.htm
Title: Ulcerative Colitis

URL: https://www.webmd.com/drugs/2/index
Title: Drugs

URL: https://www.webmd.com/vitamins/index
Title: Supplements

URL: https://www.webmd.com/pill-identification/default.htm
Title: Pill Identifier

URL: https://www.webmd.com/interaction-checker/default.htm
Title: Interaction Checker

URL: https://www.webmd.com/living-healthy
Title: View All

URL: https://www.webmd.com/healthy-aging/default.htm
Title: Aging Well

URL: https://www.webmd.com/parenting/baby/default.htm
Title: Baby

URL: https://www.webmd.com/sex/birth-control/default.htm
Title: Birth Control

URL: https://www.webmd.com/children/default.htm
Title: Children's Health

URL: https://www.webmd.com/diet/default.htm
Title: Diet & Weight Management

URL: https://www.webmd.com/fitness-exercise/default.htm
Title: Fitness & Exercise

URL: https://www.webmd.com/food-recipes/default.htm
Title: Food & Recipes

URL: https://www.webmd.com/beauty/default.htm
Title: Healthy Beauty

URL: https://www.webmd.com/men/default.htm
Title: Men's Health

URL: https://www.webmd.com/parenting/default.htm
Title: Parenting

URL: https://www.webmd.com/pets/default.htm
Title: Pet Health

URL: https://www.webmd.com/baby/default.htm
Title: Pregnancy

URL: https://www.webmd.com/sex-relationships/default.htm
Title: Sex & Relationships

URL: https://www.webmd.com/teens/default.htm
Title: Teen Health

URL: https://www.webmd.com/women/default.htm
Title: Women's Health

URL: https://symptoms.webmd.com/
Title: Symptom Checker

URL: https://doctor.webmd.com/
Title: Find a Doctor

URL: https://www.webmd.com/news/default.htm
Title: News

URL: https://blogs.webmd.com/default.htm
Title: Blogs

URL: https://www.webmd.com/podcasts/default.htm
Title: Podcasts

URL: https://www.webmd.com/webinar/default.htm
Title: Webinars

URL: https://member.webmd.com/subscribe
Title: Newsletters

URL: https://www.webmd.com/magazine/default.htm
Title: WebMD Magazine

URL: https://doctor.webmd.com/choice-awards
Title: Best Hospitals

URL: https://www.webmd.com/facebook-groups
Title: Support Groups

URL: https://www.webmd.com/orthopedics/default.htm
Title: Orthopedics

URL: https://member.webmd.com/signin?appid=1&returl=https://www.webmd.com/default.htm
Title: Log In

URL: https://www.webmd.com/fitness-exercise/video/daily-steps
Title: Walking and Your Health: Essential Facts to KnowEvery step you take is a step in the right direction for a longer, healthier life. But, how many daily steps do you need? Find out here.

URL: https://www.webmd.com/diet/ss/slideshow-healing-foods
Title: 11 Healing Foods for Your Body

URL: https://www.webmd.com/depression/seasonal-affective-disorder
Title: Recognizing the Signs of Seasonal Depression

URL: https://www.webmd.com/diet/ss/slideshow-too-much-salt
Title: Are You Eating Too Much Salt?

URL: https://www.webmd.com/women/endometriosis/default.htm
Title: Endometriosis

URL: https://www.webmd.com/heart-disease/peripheral-artery-disease-of-the-legs
Title: Peripheral Artery Disease

URL: https://www.webmd.com/cancer/lymphoma/understanding-leukemia-basics
Title: Leukemia

URL: https://www.webmd.com/men/ss/slideshow-low-testosterone-overview
Title: Low Testosterone

URL: https://www.webmd.com/obesity/default.htm
Title: Weight Loss & Obesity

URL: https://www.webmd.com/cancer/multiple-myeloma/default.htm
Title: Multiple Myeloma

URL: https://www.webmd.com/healthy-aging/news/20240119/multivitamins-slow-cognitive-aging-seniors-study
Title: Studies Show Multivitamins Slow Cognitive Aging in SeniorsTaking daily multivitamins appears to slow cognitive aging by about 2 years in older adults, three new studies show.

URL: https://www.webmd.com/lung/news/20240119/covid-flu-other-viruses-peaking-at-once
Title: Many Respiratory Viruses Peaking in Early 2024

URL: https://www.webmd.com/women/news/20240118/more-plant-based-protein-linked-healthy-aging-women
Title: More Protein Linked to Healthy Aging in Women

URL: https://www.webmd.com/brain/news/20240110/tinnitus-really-comes-from-your-brain
Title: Tinnitus: Ringing in Your Ear Really Comes From Your Brain

URL: https://www.webmd.com/john-whyte
Title: Expert Insights FromJohn Whyte, MDWebMD Chief Medical Officer

URL: https://www.webmd.com/cancer/cancer-in-context/video/dempsey-center
Title: Watch Patrick Dempsey Reimagines Cancer Care

URL: https://www.webmd.com/a-to-z-guides/video/hospice-awareness
Title: Watch Hospice: Care and Comfort for the Patient and Caregiver

URL: https://www.medscape.com/viewarticle/998144
Title: Change Makers: Bill Meury on Transformative Medicines

URL: https://www.webmd.com/a-to-z-guides/video/josh-sackman
Title: Watch Prescription for Pain: Virtual Reality Therapy

URL: https://www.webmd.com/cancer/cancer-in-context/video/brodsky-ash
Title: Watch ASH President Reflects Before Annual Meeting on Hematology

URL: https://www.webmd.com/balance/cc-clean-home-remove-germs?mmtrack=16682-27164-9-1-0-0-1
Title: Spotlight on a Clean HomeHow Clean Is Your House?Learn how to beat germs and improve air quality in every room of your home.

URL: https://www.webmd.com/arthritis/psoriatic-arthritis/cm/qac/toc-qa-center-psa?mmtrack=16620-27103-9-1-0-0-2
Title: Spotlight on Psoriatic ArthritisYour Psoriatic Arthritis Questions, AnsweredWhat causes PsA? How do medications work to treat it? Answers to these and more of your questions, here.

URL: https://www.webmd.com/breast-cancer/toc-early-breast-cancer?mmtrack=15290-25670-9-1-0-0-3
Title: Spotlight on Early Breast CancerFacing Early Breast Cancer With a PlanWith this series, learn what you can do to be ready before, during, and after your early breast cancer treatment.

URL: https://www.webmd.com/covid/what-is-long-covid-pasc
Title: Long COVID

URL: https://www.webmd.com/a-to-z-guides/malaria-symptoms
Title: Malaria

URL: https://www.webmd.com/a-to-z-guides/what-is-rat-lungworm
Title: Rat Lungworm

URL: https://www.webmd.com/a-to-z-guides/what-is-common-variable-immunodeficiency-cvid
Title: Common Variable Immunodeficiency

URL: https://www.webmd.com/stroke/what-is-a-spinal-stroke
Title: Spinal Stroke

URL: https://www.webmd.com/diet/foods-high-in-taurine
Title: Taurine

URL: https://www.webmd.com/lung/health-effects-wildfire-smoke
Title: Wildfire Smoke

URL: https://www.webmd.com/a-to-z-guides/what-is-sickle-cell-disease
Title: Sickle Cell Disease

URL: https://www.webmd.com/vaccines/news/20230504/fda-approves-first-rsv-vaccine-older-adults
Title: RSV Vaccine for Adults

URL: https://www.webmd.com/palliative-care/difference-palliative-hospice-care
Title: Hospice

URL: https://www.webmd.com/about-webmd-policies/about-terms-and-conditions-of-use
Title: Terms & Conditions

URL: https://www.webmd.com/about-webmd-policies/about-privacy-policy
Title: Privacy Policy

URL: https://blogs.webmd.com/sickle-cell-disease/default.htm
Title: Health Topics A-Z

URL: https://blogs.webmd.com/sickle-cell-disease/constance-benson
Title: Constance Benson

URL: https://blogs.webmd.com/sickle-cell-disease/20240119/my-mindset-before-and-after-my-bone-marrow-transplant
Title: My Mindset Before and After My Bone Marrow Transplant

URL: https://blogs.webmd.com/myasthenia-gravis/default.htm
Title: Brain & Nervous System

URL: https://blogs.webmd.com/myasthenia-gravis/ashley-brooks
Title: Ashley Brooks

URL: https://blogs.webmd.com/myasthenia-gravis/20240119/why-people-of-color-need-to-talk-about-myasthenia-gravis
Title: Why People of Color Need to Talk About Myasthenia Gravis

URL: https://blogs.webmd.com/pain-management/default.htm
Title: Pain Management

URL: https://blogs.webmd.com/pain-management/anita-gupta
Title: Anita Gupta, PharmD, DO

URL: https://blogs.webmd.com/pain-management/20240116/foods-to-ease-your-chronic-pain
Title: Foods to Ease Your Chronic Pain

URL: https://blogs.webmd.com/diet-nutrition/default.htm
Title: Nutrition and Healthy Eating

URL: https://blogs.webmd.com/diet-nutrition/elizabeth-ward-ms-rdn
Title: Elizabeth Ward

URL: https://blogs.webmd.com/diet-nutrition/20240102/caregiving-and-your-health
Title: Caregiving and Your Health

URL: https://www.webmd.com/diet/body-bmi-calculator
Title: BMI Calculator

URL: https://www.webmd.com/baby/healthtool-ovulation-calculator
Title: Ovulation Calculator

URL: https://symptoms.webmd.com/cold-flu-map/default.htm
Title: Cold and Flu Map

URL: https://www.webmd.com/pets/cats/healthy-cat-tool/default.htm
Title: Cat Health Tool

URL: https://www.webmd.com/pets/dogs/healthy-dog-tool/default.htm
Title: Dog Health Tool

URL: https://www.webmd.com/baby/healthtool-due-date-calculator
Title: Due Date Calculator

URL: https://www.webmd.com/fitness-exercise/healthtool-exercise-calculator
Title: Fitness Calorie Counter

URL: https://www.webmd.com/parenting/kids-bmi-calculator
Title: Kids BMI

URL: https://www.webmd.com/baby/interactive-pregnancy-tool-fetal-development
Title: Visual Pregnancy Timeline

URL: https://www.webmd.com/a-to-z-guides/common-topics
Title: View All

URL: https://www.webmd.com/add-adhd/childhood-adhd/default.htm
Title: ADD/ADHD - Childhood

URL: https://www.webmd.com/alzheimers/default.htm
Title: Alzheimer's

URL: https://www.webmd.com/ankylosing-spondylitis/default.htm
Title: Ankylosing Spondylitis

URL: https://www.webmd.com/anxiety-panic/default.htm
Title: Anxiety Disorders

URL: https://www.webmd.com/asthma/default.htm
Title: Asthma

URL: https://www.webmd.com/back-pain/default.htm
Title: Back Pain

URL: https://www.webmd.com/children/vaccines/default.htm
Title: Children's Vaccines

URL: https://www.webmd.com/cholesterol-management/default.htm
Title: Cholesterol

URL: https://www.webmd.com/cold-and-flu/default.htm
Title: Cold, Flu, & Cough

URL: https://www.webmd.com/lung/copd/default.htm
Title: COPD

URL: https://www.webmd.com/coronavirus
Title: Coronavirus

URL: https://www.webmd.com/diabetes/type-2-diabetes
Title: Diabetes

URL: https://www.webmd.com/digestive-disorders/default.htm
Title: Digestive Disorders

URL: https://www.webmd.com/balance/default.htm
Title: Health & Balance

URL: https://www.webmd.com/heart/default.htm
Title: Heart Health

URL: https://www.webmd.com/heartburn-gerd/default.htm
Title: Heartburn/GERD

URL: https://www.webmd.com/hypertension-high-blood-pressure/default.htm
Title: Hypertension

URL: https://www.webmd.com/lung-cancer/default.htm
Title: Lung Cancer

URL: https://www.webmd.com/oral-health/default.htm
Title: Oral Care

URL: https://www.webmd.com/osteoporosis/default.htm
Title: Osteoporosis

URL: https://www.webmd.com/ovarian-cancer/default.htm
Title: Ovarian Cancer

URL: https://www.webmd.com/prostate-cancer/default.htm
Title: Prostate Cancer

URL: https://www.webmd.com/schizophrenia/default.htm
Title: Schizophrenia

URL: https://www.webmd.com/about-webmd-policies/default.htm
Title: Learn more about our Editorial Process

URL: https://doctor.webmd.com/doctor/aaron-schulman-9dafb7bd-0f3a-4209-bbd5-278d1c3c97c8-overview
Title: Dr. Aaron Schulman, MD

URL: https://doctor.webmd.com/doctor/aaron-schulman-9dafb7bd-0f3a-4209-bbd5-278d1c3c97c8-overview#ratings
Title: 19

URL: https://doctor.webmd.com/doctor/beverly-tchang-52a675ee-5f14-4a19-be98-b7dc8d1b4b29-overview
Title: Dr. Beverly Tchang, MD

URL: https://doctor.webmd.com/doctor/beverly-tchang-52a675ee-5f14-4a19-be98-b7dc8d1b4b29-overview#ratings
Title: 0

URL: https://doctor.webmd.com/doctor/so-young-kim-bf5e89c9-1d98-4bcb-b48c-51d304e33165-overview
Title: Dr. So-Young Kim, MD

URL: https://doctor.webmd.com/doctor/so-young-kim-bf5e89c9-1d98-4bcb-b48c-51d304e33165-overview#ratings
Title: 10

URL: https://www.webmd.com/peyronies-treatment-option/treatment-option-legacy
Title: Penis Curved When Erect?

URL: https://www.webmd.com/heart-disease/cad
Title: Could I have CAD?

URL: https://www.webmd.com/arthritis/understanding-dupuytrens-contracture
Title: Treat Bent Fingers

URL: https://www.webmd.com/breast-cancer/her2-negative-vs-her2-positive
Title: Treat HR+, HER2- MBC

URL: https://www.webmd.com/dna/dandruff-just-the-facts
Title: Tired of Dandruff?

URL: https://www.webmd.com/managing-pain-with-cbd
Title: Benefits of CBD

URL: https://www.webmd.com/multiple-sclerosis/rrms-20/monthly-rms-treatment
Title: Rethink MS Treatment

URL: https://www.webmd.com/heart-disease/atrial-fibrillation/a-fib-overview
Title: AFib-Related Strokes

URL: https://www.webmd.com/dvt/what-is-dvt-and-what-causes-it
Title: Risk of a Future DVT/PE

URL: https://www.webmd.com/treatment-for-relapsing-ms/default.htm
Title: Relapsing MS Options

URL: https://www.webmd.com/hepatitis/liver-transplant-17/life-changing-liver
Title: Liver Transplants Save Lives

URL: https://www.webmd.com/beauty/cosmetic-procedures-cosmetic-surgery-options-basics
Title: Finance Plastic Surgery

URL: https://www.webmd.com/skin-problems-and-treatments/psoriasis/severe-psoriasis-19/psoriasis-pill
Title: Living With Psoriasis?

URL: https://www.webmd.com/oral-health/9-risk-factors-tooth-loss
Title: Missing Teeth?

URL: https://www.webmd.com/multiple-sclerosis/rms-perspectives-21/slideshow-advice-relapsing-ms
Title: 5 Tips to Help With Relapsing MS

URL: https://www.webmd.com/sleep-disorders/narcolepsy-perspectives-20/slideshow-narcolepsy-expert-advice
Title: How to Thrive With Narcolepsy

URL: https://www.webmd.com/skin-problems-and-treatments/story/vce-hs-home-care-help
Title: Relief for Blocked Hair Follicles

URL: https://www.webmd.com/arthritis/psoriatic-arthritis/psa-21/live/slideshow-psoriatic-arthritis-sleep-tips
Title: Psoriatic Arthritis and Your Sleep

URL: https://www.webmd.com/skin-problems-and-treatments/psoriasis/psoriasis-stories-21/video-psoriasis-ballerina
Title: What Psoriasis Feels Like

URL: https://www.webmd.com/arthritis/psoriatic-arthritis/psa-stories-21/video-psa-save-energy
Title: First Psoriatic Arthritis Flare

URL: https://www.webmd.com/rheumatoid-arthritis/ra-life-21/video-ra-check-up
Title: Talking to Your Doctor About RA

URL: https://www.webmd.com/ibd-crohns-disease/crohns-disease/crohns-perspectives-21/crohns-full-body-disease
Title: Crohn's: A 'Full-Body' Disease

URL: https://www.webmd.com/ibd-crohns-disease/crohns-disease/story/avoid-crohns-flares
Title: Avoiding Crohn’s Flares

URL: https://www.webmd.com/diet/health-benefits-hemp-seed-oil
Title: Health Benefits of Hemp Seed Oil

URL: https://www.webmd.com/skin-problems-and-treatments/psoriasis/psoriatic-disease-perspectives-21/slideshow-advocacy-psoriatic-disease-tips
Title: Live Better With Psoriatic Disease

URL: https://www.webmd.com/multiple-sclerosis/b-cell-ms-20/b-cell-ms-types
Title: Types of B-Cell Therapy for MS

URL: https://www.webmd.com/diet/hemp-health-benefits-nutrition-uses
Title: 5 Health Benefits of Hemp

URL: https://www.webmd.com/prostate-cancer/prostate-18/prostate-cancer-spreads
Title: Why Prostate Cancer Spreads

URL: https://www.webmd.com/breast-cancer/bc-perspectives-21/slideshow-advanced-bc-best-life
Title: Living with Advanced Breast Cancer

URL: https://www.webmd.com/breast-cancer/metastatic-bc-forward-18/slideshow-breast-cancer-metastasis
Title: Where Breast Cancer Spreads

URL: https://www.facebook.com/WebMD/

URL: https://twitter.com/webmd

URL: https://www.instagram.com/WebMD/

URL: https://www.tiktok.com/@webmd/

URL: https://taps.io/Bzg3Q

URL: https://taps.io/Bzg2w

URL: https://www.webmd.com/about-webmd-policies/cookie-policy
Title: Cookie Policy

URL: https://www.webmd.com/about-webmd-policies/about-editorial-policy
Title: Editorial Policy

URL: https://www.webmd.com/about-webmd-policies/about-advertising-policy
Title: Advertising Policy

URL: https://www.webmd.com/about-webmd-policies/webmd-corrections-policies
Title: Correction Policy

URL: https://privacy.truste.com/privacy-seal/validation?rid=07326333-3522-463d-81bf-f00fd7171fff

URL: https://www.internetbrands.com/
Title: Internet Brands

URL: https://www.webmd.com/about-webmd-policies/additional-info
Title: See additional information.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://sb.scorecardresearch.com/cs/6035829/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 63

https://tag.tapad.com/accounts/39/tags/q9MvkfP/events?partner_url=https%3A%2F%2Fimg.webmd.com%2Fpixel%2Faiq.b.1.html%3Ftid%3D%24%7BTA_DEVICE_ID%7D&response_type=pixel HTTP 302
https://img.webmd.com/pixel/aiq.b.1.html?tid=517db243-6627-4068-93fb-dd5e8fe2bb8a

Request Chain 84

https://sb.scorecardresearch.com/b?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Better%20health.&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Better%20health.&c9=

Request Chain 137

https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0 HTTP 307
https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0&b=1&g=mBEI5wi%2B8o0CoqIAdmO5n5%2BAvUSk%2BTrkDNA6Nve9HYU%3D

Request Chain 142

https://rp.liadm.com/j?dtstmp=1705912760158&se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&pu=https%3A%2F%2Fcffr01.ourmd.store%2F HTTP 302
https://rp4.liadm.com/j?se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&dtstmp=1705912760158&pu=https%3A%2F%2Fcffr01.ourmd.store%2F&i6=MjAwMTo1NTA6MWQwNToxOjoz

Request Chain 178

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=OkSSxC5i_P8quWjc6GI90 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 179

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4OTE0MzU4MTUyMzU1MTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB_S1bA1TG4DuYoDqg_JDnY&google_cver=1

Request Chain 180

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=aa507ada-247e-4f3b-9002-263cd678f8a0

Request Chain 225

https://sync.graph.bluecava.com/ds.png?p=5d240b6c-d95e-11ed-8f0e-4201ac10000e&CID=CX321135&Site=N5667.274177.WEBMD&PID=384072498&CreativeID=201502990&Tagtype=Event&DeviceID=1&Key7=1&Key8=&Key9=&Key10= HTTP 302
https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=cf357c75-7f83-4b05-905f-a0834ddcf40c&chained=true

Request Chain 237

https://fw.adsafeprotected.com/rfw/st/1878995/77282216/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=%24%7BINSERTION_ORDER_ID%7D&ias_pubId=%24%7BADSXT_PUBLISHER_ID%7D&ias_chanId=%24%7BEXCHANGE_ID%7D&ias_placementId=%24%7BCAMPAIGN_ID%7D&bidurl=%24%7BSOURCE_URL_ENC%7D&ias_dealId=%24%7BINVENTORY_SOURCE_EXTERNAL_ID%7D&ias_xappb=%24%7BBUNDLE_ID%7D&adsafe_par&ias_impId=v4~~%24%7BAUCTION_ID%7D&adsafe_url=https%3A%2F%2Fcffr01.ourmd.store%2F&adsafe_type=abedfq&adsafe_jsinfo=,id:ccfa3516-fb8d-cb67-68a4-c49aa4731447,c:1YsJUv,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-6f4b57f9c-vrc4w,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.739.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,mtim:508,mot:0,app:0,maw:0,fm:u24Y6dH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1878995-77282216%7C1b1%7C1b2%7C1b31%7C1b4%7C1c1%7C1c21%7C1c3%7C1c4,idMap:1b*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:539,oid:bd6b0f69-b901-11ee-9305-32ebb9dcf05e,v:19.8.473,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?ias_xappb=%24%7BBUNDLE_ID%7D

Request Chain 288

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 289

https://ib.adnxs.com/getuid?https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dapx%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fhbx.media.net%252Fcksync.php%253Fcs%253D1%2526vsid%253D3489143581523551000V10%2526type%253Dapx%2526refUrl%253D%2526vid%253D59127641203489143581523551000V10%2526axid_e%253D%2526ovsid%253D%2524UID HTTP 302
https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=apx&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=6219948187244556321

Request Chain 290

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dcon%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=252d85152561126e&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dcon%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3D%24UID HTTP 302
https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=con&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=AAAG_BtrnvC59gNIlPpGAAAAAAA&expiration=1705999164&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 291

https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3489143581523551000V10 HTTP 303
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=32ee165e-2c50-4403-8d87-7c22c920ef5d HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0673be3e-32bc-432c-9d0c-2278fba59975%253A1705912764.6314485%26pid%3D500040%26it%3D1%26iv%3D0673be3e-32bc-432c-9d0c-2278fba59975%253A1705912764.6314485%26_%3D1705912764.6331882&cb=1705912764.6332366 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316570283538814&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0673be3e-32bc-432c-9d0c-2278fba59975%253A1705912764.6314485%26pid%3D500040%26it%3D1%26iv%3D0673be3e-32bc-432c-9d0c-2278fba59975%253A1705912764.6314485%26_%3D1705912764.6331882 HTTP 302
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&pid=500040&it=1&iv=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&_=1705912764.6331882 HTTP 303
https://pippio.com/api/sync?it=1&pid=500040&_=1705912764.6331882&iv=0673be3e-32bc-432c-9d0c-2278fba59975:1705912764.6314485

Request Chain 302

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 304

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2-q9Kf0TQ0eXQlpgTx949w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 305

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DBEABD29-FD13-4347-9742-5A604F1F78F7 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aa507ada-247e-4f3b-9002-263cd678f8a0&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%2C%2C

Request Chain 307

https://eb2.3lift.com/xuid?mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

Request Chain 308

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REJFQUJEMjktRkQxMy00MzQ3LTk3NDItNUE2MDRGMUY3OEY3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJFKlABku_GhGq1Q_GqH40&google_cver=1

Request Chain 310

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=

Request Chain 312

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nyTi_2RE2uUENjc6aqfPGTKWGd7yQVQ-~A&gdpr=0

Request Chain 315

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LROOEXVR-5-E6RS HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LROOEXVR-5-E6RS

Request Chain 317

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LROOEXVR-5-E6RS&ex=d-rubiconproject.com&status=ok

Request Chain 318

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJPT0VYVlItNS1FNlJT HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENGmpzIEtO-pUdeZfTNFnCw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPT0VYVlItNS1FNlJT&google_push=

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKROnmTI8L38iArxZoe_-bA&google_cver=1

Request Chain 320

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=&expires=30

Request Chain 321

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UFIuCL3TQn6ZJykGY5speA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UFIuCL3TQn6ZJykGY5speA

Request Chain 322

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LROOEXVR-5-E6RS

Request Chain 323

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2MDVjYjdkNzUyODQwZjc0Mzg1NzMzMGMxMzY1NGZiYzNmZGUwNw

Request Chain 325

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/DWQaiMZUNi56X41aydY2DQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v7WVW05E2oLUgVZS53vo8lu4MfByXy4sut7H_w--~A

Request Chain 326

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEKWU7LXFMAABOuyHQzsg&expires=30

Request Chain 327

https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

Request Chain 328

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LROOEXVR-5-E6RS

Request Chain 329

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS&dnr=1

Request Chain 330

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LROOEXVR-5-E6RS HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS&ckls=true&ci=oLeRpEvH0f&nc=false&trid=-1975472926

Request Chain 331

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LROOEXVR-5-E6RS

Request Chain 332

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LROOEXVR-5-E6RS

Request Chain 338

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6219948187244556321&gdpr=0&gdpr_consent=

Request Chain 339

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c12ac65c-b901-11ee-a1f9-513fff588743

Request Chain 340

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFS1dVN0xYRk1BQUJPdXlIUXpzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEKWU7LXFMAABOuyHQzsg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1178057023864063987&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAEKWU7LXFMAABOuyHQzsg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1178057023864063987%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1178057023864063987&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEKWU7LXFMAABOuyHQzsg&pid=558502&do=add&gdpr=0 HTTP 303
https://sync.technoratimedia.com/services?uid=AAEKWU7LXFMAABOuyHQzsg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1178057023864063987%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1178057023864063987&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEKWU7LXFMAABOuyHQzsg&gdpr=0

Request Chain 341

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za4pvwAQV-WsvgBH

Request Chain 343

https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=DBEABD29-FD13-4347-9742-5A604F1F78F7&gdpr=0&gdpr_consent= HTTP 302
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=DBEABD29-FD13-4347-9742-5A604F1F78F7&vxii_pid=12&vxii_pid1=10067&vxii_rcid=c32891b7-162a-43ae-80eb-2ea92085a23b

Request Chain 344

https://us-u.openx.net/w/1.0/sd?id=540245193&val=DBEABD29-FD13-4347-9742-5A604F1F78F7&gdpr=0&gdpr_consent= HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=540245193&val=DBEABD29-FD13-4347-9742-5A604F1F78F7&gdpr=0&gdpr_consent=

Request Chain 347

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:CEFDBD2F794A497EB359F7201474BAF4

Request Chain 348

https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=6d6fd1c6-d1f5-4724-9f3a-b5a8008b8071&gdpr=0&gdpr_consent=

350 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cffr01.ourmd.store/ 426 KB
71 KB 560ms
467ms Document
text/html 2606:4700:3036::ac43:c92e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:c92e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e35a1522679cbec80520fe04bb423bc6937fd904b08aaf28f4ee169101a507

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 20
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-edge-cache-control: s-maxage=119, maxage=10, proxy-revalidate, stale-while-revalidate=30
cf-ray: 84967c4b1de431d8-MIA
cf-wrk: lrt1_cached_k8_worker_1_40S_21S_2023-12-07_15:01:15_gdbp_false_gtedgefrom_CLOUDFLAREVueJS_true_E_false_UC_false_UD_false_mp_false_active_true_from_MA1_ovr__config_envName_.k8s.lb._envNameFound_true_actv_true_blk_N/A_1705912757332_SKIP_CMT_NON_US-CA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Mon, 22 Jan 2024 08:39:17 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ9JzCaCcTL91WrkgU11L9M7uw%2FFFQqcuQLq5sybXMnGblwr3OdZkG906D7gRBksa%2Bc3bl1DGNRqwHkp9mfM5FKo5Ylpew1189NgprkJnDCyUDy3zsdsCCN4RuMMvcA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-backend: default
x-backend-by: default
x-cache: HIT
x-cache-control-by: override
x-cache-duration: 0.083333333333333h
x-cache-expiry: Monday, 22-Jan-2024 08:39:17 GMT
x-cache-reason: routing
x-cache-time: Monday, 22-Jan-2024 08:34:17 GMT
x-datacenter: MA1
x-dbg-gt: gtinfo={"ct":"Melbourne","c":null,"cc":null,"st":"VIC","sc":null,"z":"3000","lat":"-37.81590","lon":"144.96690","dma":null,"cntr":"AUS","cntrc":"36","tz":"Australia/Melbourne","ci":"121.200.4.204","debug":"Cloudflare"}
x-edge-cache-duration: 0.033333333333333h
x-edge-cache-expiry: Monday, 22-Jan-2024 08:36:17 GMT
x-gt-setter: usr
x-redis: redis_server_2
x-route: pg
x-route-akamai: N/A
x-runtime: new
x-true-client-ip: 194.120.24.224

GET
H2 200 webmd-ccm.min.js Show response
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/webmd-ccm/ 22 KB
7 KB 137ms
46ms Script
application/javascript 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/webmd-ccm/webmd-ccm.min.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 770ae354eaeb95abf0fcad94e1dc71cf60f61845084971607c626049478d85c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1182156
content-length: 6463
last-modified: Mon, 08 Jan 2024 16:15:40 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-server-id: img01-web.con.ma1.webmd.com
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84967c4ebe52748e-MIA
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 source-sans-pro-v12-latin-regular.899c8f78.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 16 KB
16 KB 274ms
163ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/source-sans-pro-v12-latin-regular.899c8f78.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 16112
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eda823dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 source-sans-pro-v12-latin-700.1a4bcb3e.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 15 KB
15 KB 266ms
157ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/source-sans-pro-v12-latin-700.1a4bcb3e.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 15764
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eda813dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 roboto-condensed-v17-latin-regular.3ada4464.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 15 KB
15 KB 220ms
112ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/roboto-condensed-v17-latin-regular.3ada4464.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 15720
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eca7d3dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 roboto-condensed-v17-latin-700.6b222561.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 15 KB
16 KB 216ms
108ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/roboto-condensed-v17-latin-700.6b222561.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 15640
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eda7e3dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 source-sans-pro-v12-latin-600.c85615b2.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 16 KB
16 KB 218ms
110ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/source-sans-pro-v12-latin-600.c85615b2.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 15948
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eda7f3dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 source-sans-pro-v12-latin-300.ede18477.woff2
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/ 16 KB
16 KB 223ms
115ms Font
font/woff2 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/fonts/source-sans-pro-v12-latin-300.ede18477.woff2
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: MISS
x-cache-2: BYPASS
x-powered-by: Express
content-length: 16064
last-modified: Mon, 22 Jan 2024 08:39:17 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4eda803dd3-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 1800ss_getty_rf_senior_woman_walking.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/lupus_in_older_adults_slideshow/ 16 KB
17 KB 152ms
44ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/lupus_in_older_adults_slideshow/1800ss_getty_rf_senior_woman_walking.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3a1ac38e4f92bdc05eba867a2b7a64ae7a9f449b83d24cfb571924e9646bd59f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 306156
x-powered-by: Express
content-length: 16890
last-modified: Thu, 18 Jan 2024 19:32:43 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"41fa-18d1e0fb880"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4ed8c96dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 1800ss_getty_rf_honey.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/guide_to_going_vegan_for_the_first_time_slideshow/ 14 KB
14 KB 150ms
43ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/guide_to_going_vegan_for_the_first_time_slideshow/1800ss_getty_rf_honey.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 204ee93549dc12f0d3d21bd792146c8e5b94fe86f2d0452e23c90a239d2e8635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 306107
x-powered-by: Express
content-length: 14208
last-modified: Thu, 18 Jan 2024 19:32:43 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3780-18d1e0fb88f"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4ed8cb6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 1800ss_getty_rf_depressed_man.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/13_things_fast_food_does_to_your_body_slideshow/ 7 KB
7 KB 175ms
68ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/13_things_fast_food_does_to_your_body_slideshow/1800ss_getty_rf_depressed_man.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75edd91c5babc9146d066c016053403925253166e2f1d352591f12a7abbe9461

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 306107
x-powered-by: Express
content-length: 7140
last-modified: Thu, 18 Jan 2024 19:32:43 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1be4-18d1e0fb881"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4ed8cc6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 1800x1200_signs_youre_eating_too_much_salt_slideshow.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/slideshows/signs_youre_eating_too_much_salt_slideshow/ 10 KB
10 KB 152ms
46ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/slideshows/signs_youre_eating_too_much_salt_slideshow/1800x1200_signs_youre_eating_too_much_salt_slideshow.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2cc03aa79f84e924b29cbbd1f6bc11b81679e23b3ec6dde5a9364a32b07cdd32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 306156
x-powered-by: Express
content-length: 10160
last-modified: Mon, 20 Nov 2023 22:01:50 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"27b0-18beec10af2"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4ed8ca6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 launch-9ec3309f596b.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/ 385 KB
104 KB 313ms
73ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ca40b4ada778393a3af1664639668df71344a115b78e10306d07d20fba4eadbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:16 GMT
server: AkamaiNetStorage
etag: "949e360919844987b3d3f6d96062bc60:1705514416.337509"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 106442
expires: Mon, 22 Jan 2024 09:39:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 278ms
86ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3ZVJC9H4TB&l=gtagDataLayer

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2eb60088a33de9050064fbdb740d1529185b2823d34b480506f15f166cc85a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 08:39:17 GMT

GET
H2 200 app.ead0d570.js Show response
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/ 13 KB
4 KB 57ms
51ms Script
application/javascript 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/app.ead0d570.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5324e7061ac31a145fd88a86a5deae3805c332e47f5200b47a5de3b57946956f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 3589518
x-cache-2: BYPASS
x-powered-by: Express
content-length: 4290
last-modified: Mon, 11 Dec 2023 19:33:59 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4ef8d66dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 chunk-2d0c86a3.3b234d28.js Show response
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/ 1 KB
810 B 59ms
54ms Script
application/javascript 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-2d0c86a3.3b234d28.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 074c7d14f6d5170f0f6112232e121c6e458ba9b5bf85408b68dca7bf64d24365

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 4739949
x-cache-2: BYPASS
x-powered-by: Express
content-length: 711
last-modified: Tue, 28 Nov 2023 12:00:08 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4ef8d76dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 chunk-vendors.bedba5cb.js Show response
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/ 1 MB
360 KB 64ms
59ms Script
application/javascript 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 961c9207e39f44f2ec3899e0620eeabef92cf3fd93231a9f49a17f49390789c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 3595569
x-cache-2: BYPASS
x-powered-by: Express
last-modified: Mon, 11 Dec 2023 17:53:08 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84967c4ef8d86dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 non-critical.8acd8993.js Show response
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/ 29 KB
9 KB 57ms
52ms Script
application/javascript 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/non-critical.8acd8993.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 43b2d46d6649a71af6288745f7bf01f89d2b120ece8390240f7118f55d0d1242

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 4486182
x-cache-2: BYPASS
x-powered-by: Express
content-length: 8716
last-modified: Fri, 01 Dec 2023 10:29:35 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4ef8d96dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 webmd-elements.f4842406.js Show response
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/ 126 KB
30 KB 86ms
82ms Script
application/javascript 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/webmd-elements.f4842406.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2b0f1b522b84ffa68eaa62df48987363a5e4f27fc77e81f8dc8937575843dc39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 3589417
x-cache-2: BYPASS
x-powered-by: Express
content-length: 30617
last-modified: Mon, 11 Dec 2023 19:35:40 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4ef8dd6dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 non-critical-1701943537202.19307368.css
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/css/ 0
5 KB 85ms
81ms Other
text/css 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/css/non-critical-1701943537202.19307368.css
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 3589603
x-cache-2: BYPASS
x-powered-by: Express
content-length: 4770
last-modified: Mon, 11 Dec 2023 19:32:34 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c4ef8e16dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:17 GMT

GET
H2 200 webmd_logo_white.svg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/logos/webmd/web/ 4 KB
2 KB 85ms
82ms Image
image/svg+xml 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/logos/webmd/web/webmd_logo_white.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 410bb5f75210086dd9d57cb93825d4aa73bee32afd2467397ffeee6614485d12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4480814
x-powered-by: Express
last-modified: Tue, 30 May 2023 21:30:22 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"ef4-1886e91b4fc"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 84967c4ef8de6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 arrow-right.cddcbeb3.svg
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/ 301 B
335 B 83ms
80ms Image
image/svg+xml 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/arrow-right.cddcbeb3.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5ddad633778dc9a21b6bdc04396d61a2fc2c9d4b9cda92578b5e5a2fbb365627

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4581738
x-powered-by: Express
last-modified: Tue, 28 Nov 2023 11:53:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"12d-18c15c6febc"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 84967c4ef8e06dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
DATA 200
OK truncated
/ 3 KB
3 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf4cd62a3472dc24e9bc9957dc56e466a48aae1621a29c12cb39e14717c5ebae

Request headers

Referer
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 living-healthy-mental-health.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 17 KB
17 KB 88ms
61ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/living-healthy-mental-health.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0d9c4c18500deb9f9966074bb4b62c759fc6b8b9ecb7e6ee7dc0652ca966bcc3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4652562
x-powered-by: Express
content-length: 17352
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"43c8-18b478292f4"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f48fe6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 living-healthy-diet-weight-management.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 17 KB
17 KB 89ms
63ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/living-healthy-diet-weight-management.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 16c68b40523600416a9be0b8d126927a462d33948edd2a2ebf81d244ec4b1249

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 5967998
x-powered-by: Express
content-length: 17454
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"442e-18b4782923a"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49006dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 living-healthy-healthy-aging.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 10 KB
10 KB 88ms
62ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/living-healthy-healthy-aging.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 944d7a022d3916e3f5a109e8015f313ac19c4532ae00a0550b2868430b86bb77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4565560
x-powered-by: Express
content-length: 10266
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"281a-18b4782920a"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49016dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 living-healthy-sex-relationships.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 13 KB
13 KB 89ms
64ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/living-healthy-sex-relationships.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 89de75e9bce4fac8ca831fdba8423c775d55e9d01b2aa3ed8ea95b57adcd9d3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4183589
x-powered-by: Express
content-length: 12892
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"325c-18b478291fb"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49026dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 living-healthy-fitness-exercise.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 8 KB
8 KB 89ms
65ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/living-healthy-fitness-exercise.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3c0d91b31e60bfd9da753139bb6f865b81d39ac7514d69fdb37bb9e79eb78e16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 6121899
x-powered-by: Express
content-length: 8594
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2192-18b478291d7"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49036dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 1800ss_getty_rf_vitamins_spilling_from_bottle.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/whats_causing_that_metallic_taste_in_your_mouth_slideshow/ 21 KB
21 KB 86ms
65ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/health_tools/whats_causing_that_metallic_taste_in_your_mouth_slideshow/1800ss_getty_rf_vitamins_spilling_from_bottle.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f728c5a9e868897a91e3b6721c5b6f34e4064fda63f38399703f64acdf08f6d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 219214
x-powered-by: Express
content-length: 21208
last-modified: Fri, 19 Jan 2024 19:40:54 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"52d8-18d233d9289"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49046dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 homepage-john-whyte-image.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 2 KB
2 KB 89ms
69ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/homepage-john-whyte-image.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 23dd633d22c7e82592e0364205f45d7ceaae6183949d8016b9df151ba3edc9cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4745138
x-powered-by: Express
content-length: 1836
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"72c-18b47829154"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49056dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 45168827_Patrick-Dempsey-Reimagines-Cancer-Care_thumb.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/ 21 KB
21 KB 91ms
71ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/45168827_Patrick-Dempsey-Reimagines-Cancer-Care_thumb.jpg?resize=750px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a63f91d1a47f2940b7f5a4b3e20a1e625c2a9f32ca3195868476c4191cdf9e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 2915276
x-powered-by: Express
content-length: 21250
last-modified: Tue, 19 Dec 2023 14:42:59 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"5302-18c8287aee4"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49066dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 play-arrow.svg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/responsive/ 739 B
547 B 82ms
63ms Image
image/svg+xml 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/responsive/play-arrow.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 610d7653d84a5919e3cc7fa1e89798c69b4246fe55f29502f7f9d855e08aa7c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6042105
x-powered-by: Express
last-modified: Tue, 08 Aug 2023 17:03:34 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2e3-189d61a96c7"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 84967c4f49076dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 46305895_Hospice-Care-and-Comfort-for-the-Patient-and-Caregiver_thumb.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/46305895_Hospice-Care-and-Comfort-for-the-Patient-and-Caregiver_12072023/ 16 KB
16 KB 84ms
66ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/46305895_Hospice-Care-and-Comfort-for-the-Patient-and-Caregiver_12072023/46305895_Hospice-Care-and-Comfort-for-the-Patient-and-Caregiver_thumb.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7f7edcc5931dd85cd2942f8cc112b7a79472325bd224766076bc153e8f638e7f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 2915061
x-powered-by: Express
content-length: 16226
last-modified: Tue, 19 Dec 2023 14:42:59 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3f62-18c8287ae67"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49086dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 1800x1200_changemakers_karuna.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/other/ 14 KB
14 KB 92ms
74ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/other/1800x1200_changemakers_karuna.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 43b34cedf7b00767ed4e219e7d35656bbef6dffca67e2b4c191a22e810b2134d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 3521926
x-powered-by: Express
content-length: 14178
last-modified: Tue, 12 Dec 2023 14:19:00 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3762-18c5e653722"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49096dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 C46115693_Prescription-for-Pain-Virtual-Reality-Therapy_thumb.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/C46115693_Prescription-for-Pain-Virtual-Reality-Therapy_112923/ 9 KB
9 KB 92ms
75ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/C46115693_Prescription-for-Pain-Virtual-Reality-Therapy_112923/C46115693_Prescription-for-Pain-Virtual-Reality-Therapy_thumb.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: de8f7cb88eb67aa88e0f39985a15abdba11d7b9bbd08854597cc1465360d420e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 3928674
x-powered-by: Express
content-length: 8860
last-modified: Thu, 07 Dec 2023 21:19:23 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"229c-18c46264853"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f490a6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 C46334554_ASH-President-Reflects-Before-Annual-Meeting-on-Hematology_thumb.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/ 11 KB
11 KB 84ms
67ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/features/C46334554_ASH-President-Reflects-Before-Annual-Meeting-on-Hematology_thumb.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 913fbb20574898f74b93af4ed8bbed7891fb7ecc79ca0575e2e01db3f4980888

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4184871
x-powered-by: Express
content-length: 11282
last-modified: Mon, 04 Dec 2023 22:07:33 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2c12-18c36df4efb"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f490b6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 hp-nl-envelop.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 15 KB
16 KB 84ms
68ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/hp-nl-envelop.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 23b088f096e1694afb44e68c37cdcbd6e0abca77d390904857d4c8f2fb9e6b45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4671763
x-powered-by: Express
content-length: 15800
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3db8-18b47829298"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f490d6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 600x600_constance_benson_blogger_headshot.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/ 9 KB
9 KB 88ms
72ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/600x600_constance_benson_blogger_headshot.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 629951640e0d4ca16b42681d0a599795c9897a202a0978bea0cef6dc6769f0f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 232063
x-powered-by: Express
content-length: 9542
last-modified: Wed, 01 Nov 2023 11:58:55 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2546-18b8ac03888"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f490e6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 600x600_ashley_brooks.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/ 12 KB
13 KB 85ms
70ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/600x600_ashley_brooks.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 122f02fd9f99d0eba03af6eaec543e0f44dd99026cb0fdfd22f040775686fa83

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 308505
x-powered-by: Express
content-length: 12782
last-modified: Wed, 25 Oct 2023 13:17:14 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"31ee-18b66fb6a69"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f490f6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 600x600_anita_gupta_md.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/ 25 KB
25 KB 81ms
66ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/600x600_anita_gupta_md.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8ea9c20f3ea3db0e55295e187845dd3fe2beb42de88861193078073da4b41f3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 626839
x-powered-by: Express
content-length: 25904
last-modified: Tue, 24 Oct 2023 14:01:46 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6530-18b61fdd210"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49106dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 600x600_elizabeth_ward.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/ 10 KB
10 KB 87ms
72ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/articles/biographies/600x600_elizabeth_ward.jpg?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e6b0b153b621f027b6f46b17668c7eff5ce4836524f1d5a4cd253c1f3fdc4e10

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 1524572
x-powered-by: Express
content-length: 10074
last-modified: Thu, 04 Jan 2024 17:08:22 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"275a-18cd5728975"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49116dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 tools-bmi.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 8 KB
8 KB 82ms
67ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/tools-bmi.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1679d6a4d407c244e2ead1ff61b2f85e85228f6ad554db0ab01d8d87b01517c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4570451
x-powered-by: Express
content-length: 8042
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1f6a-18b47829228"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49136dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 tools-ovulation-calculator.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 4 KB
4 KB 88ms
74ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/tools-ovulation-calculator.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 17531138ab9ce9b677439e6885b00cc184e689006eb4619f3317fa91cff5c143

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4743345
x-powered-by: Express
content-length: 4256
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"10a0-18b478291c1"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49146dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 tools-cold-and-flu-icon.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 16 KB
16 KB 87ms
73ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/tools-cold-and-flu-icon.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 94e1141d1017f2a9c5eccbb36087e1e42f334bf88b92227f81a4627c814c8257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 6954736
x-powered-by: Express
content-length: 16506
last-modified: Thu, 02 Nov 2023 20:43:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"407a-18b91c66951"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49166dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 tools-pill-identifier.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 15 KB
15 KB 84ms
70ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/tools-pill-identifier.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8663ae488f16361c3106f3b27f2eee2d4c404ad6215f2998b82a51fb3f46c23e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 4671763
x-powered-by: Express
content-length: 15156
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3b34-18b4782928f"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49176dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 tools-drugs-interaction-checker.png
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 11 KB
11 KB 89ms
76ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/tools-drugs-interaction-checker.png?resize=484px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b7963c6f34dfa0943771a3ded008f88ff82d573f1dab87428022aab255e2452d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 6371190
x-powered-by: Express
content-length: 11546
last-modified: Thu, 19 Oct 2023 10:37:01 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2d1a-18b478291d9"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f49196dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 webmd-mission.jpg
img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/ 27 KB
27 KB 84ms
71ms Image
image/webp 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/vim/live/webmd/consumer_assets/site_images/home_page/webmd-mission.jpg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 30f8848bcd772be4a9bb93474ee151f3ba1d31ad0cb64adae72a21c53048490a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 5187307
x-powered-by: Express
content-length: 27334
last-modified: Tue, 15 Aug 2023 19:53:35 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"6ac6-189fac2c3f4"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c4f491a6dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 mail.c6992733.svg
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/ 732 B
476 B 147ms
134ms Image
image/svg+xml 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/mail.c6992733.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c82ceff53e4d991e27aa30ba0d05bdf344b16532830e7da8d7fccfbcb5c2772e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4581738
x-powered-by: Express
last-modified: Tue, 28 Nov 2023 11:53:32 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"2dc-18c15c6feae"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 84967c4f89346dd4-MIA
expires: Mon, 22 Jan 2024 12:39:17 GMT

GET
H2 200 icon_arrow.svg
img.webmd.com/vim/live/webmd/consumer_assets/site_images/responsive/ 428 B
486 B 53ms
40ms Image
image/svg+xml 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/webmd/consumer_assets/site_images/responsive/icon_arrow.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 99d12dace031d44a8918ede78a730c2b43c840dc0e7e46130392983608389184

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5356937
x-powered-by: Express
last-modified: Mon, 21 Aug 2023 18:01:33 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1ac-18a194258fa"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=86400
x-robots-tag: noindex
cf-ray: 84967c4f5eb2748e-MIA
expires: Tue, 23 Jan 2024 08:39:17 GMT

GET
H2 200 1800ss_getty_rf_woman_playing_with_kids.jpg
img.webmd.com/vim/live/consumer_assets/site_images/articles/health_tools/10_Tips_on_Caring_for_Yourself_With_Ovarian_Cancer/ 9 KB
10 KB 66ms
36ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/consumer_assets/site_images/articles/health_tools/10_Tips_on_Caring_for_Yourself_With_Ovarian_Cancer/1800ss_getty_rf_woman_playing_with_kids.jpg?resize=400px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b7c939c8edd55c2ce36ccff7a3a14c0df35a9e1f07565d9a8846b7d3e5b43db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 1089282
x-powered-by: Express
content-length: 9650
last-modified: Tue, 09 Jan 2024 18:01:52 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"25b2-18cef63524d"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c500f5c748e-MIA
expires: Tue, 23 Jan 2024 08:39:17 GMT

GET
H2 200 1800x1200_adhd_in_workplace_bigbead.jpg
img.webmd.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/BigBead/ADHD_in_workplace_bigbead/ 7 KB
8 KB 69ms
39ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/webmd/consumer_assets/site_images/article_thumbnails/BigBead/ADHD_in_workplace_bigbead/1800x1200_adhd_in_workplace_bigbead.jpg?resize=400px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4ae6a6ee5f9abd32d4eee6e8a3854d06e97c023261ac3bb44ba6f60fb63c6591

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 1179705
x-powered-by: Express
content-length: 7654
last-modified: Mon, 08 Jan 2024 16:53:33 GMT
server: cloudflare
x-datacenter: LA1
etag: W/"1de6-18ce9fe6963"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c500f5d748e-MIA
expires: Tue, 23 Jan 2024 08:39:17 GMT

GET
H2 200 1800x1200_doctor_talking_with_patient.jpg
img.webmd.com/vim/live/consumer_assets/site_images/article_thumbnails/blog_posts/schizophrenia/ 8 KB
8 KB 71ms
41ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/consumer_assets/site_images/article_thumbnails/blog_posts/schizophrenia/1800x1200_doctor_talking_with_patient.jpg?resize=400px:*&output-quality=70
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 74372a9ab447056983396fe3f9395290d14e4b175c64a45fdab187c970af0b67

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:17 GMT
cf-cache-status: HIT
age: 1447672
x-powered-by: Express
content-length: 7904
last-modified: Fri, 05 Jan 2024 14:30:33 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1ee0-18cda086a84"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c500f5e748e-MIA
expires: Tue, 23 Jan 2024 08:39:17 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035829/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

64ms
63ms

Script
application/javascript

13.35.93.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Server: 13.35.93.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-67.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:40:01 GMT
content-encoding: gzip
via: 1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 53966
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Xctb9pHb1e5F_SPbHYBRbMNLfTKH9xsvit3QXXB-Gdqfw1TJtlD3aQ==

Redirect headers

date: Mon, 22 Jan 2024 08:39:18 GMT
via: 1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: Or_RX0LigKLrtRIpTmvUnD57QgJlOUycNhRxGpBC7LGJJs5p7cWRWA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 289ms
109ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15d9042f488e08902749120c5fd3fd4ea0477b830622601a38fc48269dd4da93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29357
x-xss-protection: 0
server: cafe
etag: 952 / 19744 / m202401160101 / config-hash: 15866861927224639442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:18 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
613 B 137ms
34ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es2015%2Ces2016%2Ces2017%2Ces5%2Ces6%2Ces7%2Cdefault%2CNodeList.prototype.forEach

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 22 Jan 2024 08:39:18 GMT
age: 0
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/120.0.0
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 non-critical-1701943537202.19307368.css
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/css/ 35 KB
5 KB 53ms
39ms Stylesheet
text/css 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/css/non-critical-1701943537202.19307368.css
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 08d82f49e67c743f012713dccce6577e0b6c591db47cb7689c58d16f3b6645d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 3589604
x-cache-2: BYPASS
x-powered-by: Express
content-length: 4770
last-modified: Mon, 11 Dec 2023 19:32:34 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c51b9f56dd4-MIA
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:18 GMT

GET
H2 200 mmtrack.js Show response
img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/ 2 KB
1 KB 150ms
45ms Script
text/plain 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/mmtrack.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 96644f234792b2dc812b643db1474a7768bd2fe031c098294d625bdd49fb5fbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 4127053
x-cache-key: img.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/mmtrack.js
x-cache-2: BYPASS
x-powered-by: Express
x-cache: HIT
file-cache-time: 12/4/2023, 8:03:57 PM
content-length: 797
last-modified: Tue, 05 Dec 2023 14:14:37 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c534acad9d5-MIA
access-control-allow-headers: authorization, content-type, user, name
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:18 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 133ms
46ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3ZVJC9H4TB&gtm=45je41h0v872629505&_p=1705912757480&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=745845248.1705912758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705912758&sct=1&seg=0&dl=https%3A%2F%2Fcffr01.ourmd.store%2F&dt=WebMD%20-%20Better%20information.%20Better%20health.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.effective_connection_type=4g&ep.channel_health=&ep.page_type=Nav%20-%20Home%20Page&tfd=1463
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZVJC9H4TB&l=gtagDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 190ms
68ms Ping
text/plain 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3ZVJC9H4TB&cid=745845248.1705912758&gtm=45je41h0v872629505&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZVJC9H4TB&l=gtagDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optiCommon.js Show response
img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/ 8 KB
3 KB 45ms
43ms Script
text/plain 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.lb.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/optiCommon.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ee0ad088e66c6164da0785d410f7d271653bf07fb832c9a5f71e488805b3183e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
x-redis: redis_server_1
x-skipcache-by-query: 0
cf-cache-status: HIT
age: 4127070
x-cache-key: img.wbmdstatic.com/webmd_static_vue/file-explorer/webmd/js/media/opticommon.js
x-cache-2: BYPASS
x-powered-by: Express
x-cache: HIT
file-cache-time: 12/4/2023, 8:03:57 PM
last-modified: Tue, 05 Dec 2023 14:14:36 GMT
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
vary: Accept-Encoding
access-control-allow-methods: GET,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84967c53db05d9d5-MIA
access-control-allow-headers: authorization, content-type, user, name
x-skipcache: 0
expires: Tue, 21 Jan 2025 08:39:18 GMT

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/25/cffr01.ourmd.store/ 249 B
640 B 321ms
141ms Script
application/json 2600:9000:2209:de00:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/25/cffr01.ourmd.store/.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:de00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75625747ca898c7f6920c6374b7d0b7a7e2ed3d71cd23fa03af33a3cf928c5dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 23 Mar 2024 00:00:00 GMT", rule-id="cleanup"
last-modified: Mon, 22 Jan 2024 07:32:33 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-P1
etag: "2a43133b6f79104a4c103ea0b06d261d"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
content-length: 178
x-amz-cf-id: 85gsTOVUATZIN9iVNrMuBPBq1eDBnjMy9E6ycCSCxEMHdUjWFKA25w==

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 122 KB
25 KB 255ms
76ms Script
text/javascript 2600:9000:2209:7c00:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=25
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2209:7c00:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36df88557f5d9520a8518f1c63c31203a81e8ca3936296cd7fedce2da7fb622c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:00:40 GMT
x-amz-version-id: vJGOPXg55Eg10ePpe.oKRR8kUd73XmCz
content-encoding: gzip
last-modified: Wed, 03 Jan 2024 22:00:33 GMT
server: AmazonS3
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-P1
etag: W/"89881b677e6e0a30830bf701b3bc6cbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
age: 70719
x-amz-cf-id: tzP-6ogc6CVKHlh36-GF_fJvIDpbyhI9OR6Mqv-j0qCnVo73YRLxbw==

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 654 KB
181 KB 373ms
220ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

ec2-35-153-246-222.compute-1.amazonaws.com

Software

Apache /

Resource Hash

db107bc34224c809193c160cec349c69410c74c690fe707c23704449c1265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:18 GMT
server: Apache
etag: 18129713696084819222
vary: Accept-Encoding
x-mnet-h: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
link: <https://hb-pb.media.net>;rel="preconnect",<https://hbx.media.net/__media__/js/ucreative.js?cv=1>;rel="prefetch";as=script
expires: Mon, 22 Jan 2024 09:09:18 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 247ms
73ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66db01e9328733a5f6a6bad62ab921f53837d6eb11d81a3a4995c3e747821a50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:10:28 GMT
content-encoding: gzip
via: 1.1 a1157b69a14bebe8162237750a074fae.cloudfront.net (CloudFront), 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 20:22:23 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 1731
x-amz-server-side-encryption: AES256
etag: W/"60bfb96bc5dd4ca3429ef2f4df9e17d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: mXcfyF88tItC024AYT5KIgEdKeLDoBdXHxu6vjb2Juosssm2IOVDqQ==

GET
H2

200

aiq.b.1.html Show response
img.webmd.com/pixel/ Frame E801
Redirect Chain

https://tag.tapad.com/accounts/39/tags/q9MvkfP/events?partner_url=https%3A%2F%2Fimg.webmd.com%2Fpixel%2Faiq.b.1.html%3Ftid%3D%24%7BTA_DEVICE_ID%7D&response_type=pixel
https://img.webmd.com/pixel/aiq.b.1.html?tid=517db243-6627-4068-93fb-dd5e8fe2bb8a

1 KB
795 B

52ms
44ms

Document
text/html

172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.webmd.com/pixel/aiq.b.1.html?tid=517db243-6627-4068-93fb-dd5e8fe2bb8a
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50e33a6b1359542e13a4221817f7906acd752c98b9c1a90d78766307021fea75

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=16708944
cf-cache-status: DYNAMIC
cf-ray: 84967c55fa84748e-MIA
content-encoding: gzip
content-type: text/html
date: Mon, 22 Jan 2024 08:39:18 GMT
expires: Fri, 02 Aug 2024 18:01:42 GMT
last-modified: Mon, 24 Jan 2022 18:57:33 GMT
server: cloudflare
timing-allow-origin: *
vary: Accept-Encoding
x-server-id: img03-web.con.ma1.webmd.com

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
access-control-max-age: 300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-length: 0
date: Mon, 22 Jan 2024 08:39:18 GMT
location: https://img.webmd.com/pixel/aiq.b.1.html?tid=517db243-6627-4068-93fb-dd5e8fe2bb8a
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 139ms
43ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: N0T2VEYFY8D7VBKM
age: 1005
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84967c55ad759ae6-MIA
x-amz-id-2: QG3GQHWHEK4PI9Elqt0k2lf3FkJPZQHJIyhEgU17iMqYUseNkJKf/47z+zFT0BDXz9hREODqxCvLlV8KiEA0bQ==

GET
H2 200 pub.js Show response
pub.doubleverify.com/signals/ 36 KB
13 KB 154ms
42ms Script
text/javascript 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/signals/pub.js

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7276abf46d187790b869fae48fbbb6d6e3b0c0f1db5fb75efaf235e0e9e9c428

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 84967c55bbd98dd0-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 f Show response
fid.agkn.com/ 130 B
667 B 235ms
61ms XHR
application/javascript 44.198.141.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fid.agkn.com/f?apiKey=2341832921&u=https://cffr01.ourmd.store/
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.198.141.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-198-141-81.compute-1.amazonaws.com
Software: AAWebServer /
Resource Hash: 688a8335e805cf4348eb410985f2836145b74d081f32de625f336e8e2c009d1f

Request headers

Accept: application/json, text/plain, */*
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:18 GMT
server: AAWebServer
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: application/javascript;charset=iso-8859-1
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 130
expires: 0

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 46 KB
17 KB 253ms
88ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

66d9c0cf63b9dbef9d6ed99b19ef6fab7ba3e371cb2da6779edda8119e1673a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16853
x-xss-protection: 0
server: cafe
etag: 9874509971169445229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 230ms
66ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 08:39:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 40g0NzFpLVKAlDqmJE3ULvopVbE6lipKo5dr3QmV4SHan97vVXW4D9ASQ0UqjaLR1x+D69lzUhy9pefPgo3wJg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 220ms
62ms Script
application/javascript 146.75.36.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:08:41 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kcgs7200161-IAD

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 26 KB
9 KB 190ms
34ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5c4f333e017c9640455e5799950b8fbebded3b1f815debdb6f78a6bc9a599faf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 11 Jan 2024 16:53:48 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "7e21c5a8cd33b5b26adb70efa1378617"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 8123

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 252ms
79ms Script
application/javascript 23.48.224.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9QIOIBC77UCFR8R5RE0&lib=ttq
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-108.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2cd41a877589998fab7fb050fc66fce272cd78342d5d8f5fec77e4c03addd396

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: fcd17b66.21baf3c3
date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24012208391884849EE1378A641A42F3-22A2FF00EA334597-00
x-cache: TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 12,23.195.36.76
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=6, inner; dur=3
content-length: 1916
pragma: no-cache
server: nginx
x-tt-logid: 2024012208391884849EE1378A641A42F3
x-cache-remote: TCP_MISS from a23-48-200-142.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.48.200.142
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa87c89e34dd8570041d1f8f0660aab6e7f6e9ef395aafe412eb9e491d56e864274c7c6e658cf04e29dc6574400f27d3066eccc0123c4aa16468d0149c77d6085c9c696c64fd13662865bcb62e45d82d36036009f2543d54889f79bd3ded13e03ec3
expires: Mon, 22 Jan 2024 08:39:18 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 310ms
69ms Script
application/javascript 2600:141b:1c00:2586::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2586::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1836

GET
H2 200 location Show response
www.webmd.com/api/directories/Service.svc/ 352 B
2 KB 224ms
96ms XHR
application/json 104.18.34.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webmd.com/api/directories/Service.svc/location

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.238 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

37532801d6e1e6f6cbcb615e8c08c049813673f5524d211dec922d994d98ed9e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-duration: -1
content-encoding: gzip
x-serviceurl-query: false
x-redis: redis_server_2
x-cache-key: www.k8s.webmd.com/api/directories/service.svc/location
x-service-url: http://production-webmd-location-api.webmd-prod/location
x-cache-reason: routing
x-ab-test-id: default
x-cache-time: Monday, 22-Jan-2024 08:39:18 GMT
x-route: pg
x-served-by-system: Platform-Nginx-Caching
etag: W/"160-K59gLK5r8A8bAiephoIdqr+AG8A"
vary: Origin
x-header: false
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
cache-control: no-cache, proxy-revalidate
x-edge-cache-expiry: cache_expiry_time_not_available
x-edge-cache-duration: -1
x-cache-expiry: cache_expiry_time_not_available
x-ngxdatacenter: MA1
x-robots-tag: noindex
access-control-allow-headers: Accept, Access-Control-Request-Headers, Access-Control-Request-Method, Authorization, client_id, Content-Type, enc_data, Origin, Redirect, timestamp, x-request-origin-type, X-Requested-With
date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: DYNAMIC
x-skipcache-by-query: 0
x-route-akamai: N/A
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cache-2: BYPASS
x-location: api
x-cache: MISS
x-powered-by: Express
x-internalk8s-service: true
content-length: 220
x-xss-protection: 1; mode=block
x-runtime: new
x-cf-ray: ngx-841a4ac4-c5c6-4cdb-8a6e
last-modified: Mon, 22 Jan 2024 08:39:18 GMT
server: cloudflare
x-datacenter: MA1
x-active-active: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4cXOUIQx8%2BzmyYHO50q8fXLO5i%2F%2FZEDn7uT4FGqpNnfD3sPfv0h7yJU86Wwh%2BsaQLcJKs3xxFx3FmHtUEkx%2FS0%2F6ZRSORuCZRHOA6Uz4tLwUAG3sn8%2Fi0J8rvpDABQ%3D"}],"group":"cf-nel","max_age":604800}
x-true-client-ip: 38.132.118.67
cf-ray: 84967c571f3e74ca-MIA
x-ab-test-name: default
x-skipcache: 0
x-cf-request-id: ngx-3dea674e-821e-4195-ae57-c7e7919a8280

GET
H2 200 js Show response
preferences.trustarc.com/webservices/ 8 KB
4 KB 224ms
61ms Script
text/javascript 35.153.246.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://preferences.trustarc.com/webservices/js?domain=webmd&type=webmd_popnew&js=responsive

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/non-critical.8acd8993.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.246.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Apache /

Resource Hash

33a0f5570d9038817c265104501ce5b24c514fae1f15a531e30d63a876ef0b57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-length: 2784
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
server: Apache
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/ 14 KB
16 KB 246ms
72ms Image
image/svg+xml 13.225.214.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/seal?rid=07326333-3522-463d-81bf-f00fd7171fff

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.225.214.72 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-214-72.ewr50.r.cloudfront.net

Software

TXS /

Resource Hash

4b8271a7147141530b4450016f74d728419e6cea808360acdf2c25ce1ab6cf96

Security Headers

Name	Value
Content-Security-Policy	object-src 'none'; frame-ancestors https://.trustarc.com https://.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; font-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; style-src 'self' 'unsafe-inline' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; img-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net https://trustarc.com; frame-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; connect-src 'self' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' .trustarc.com .trustarc-svc.net .truste.com .truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 12:50:26 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff, nosniff, nosniff
Content-Security-Policy: object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Via: 1.1 3ea7dd920772e2ffb2371e107e093dfc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR50-C1
Cross-Origin-Embedder-Policy: unsafe-none, unsafe-none
Age: 71332
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin, cross-origin
Connection: keep-alive
Content-Length: 14237
X-Xss-Protection: 1; mode=block, 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server: TXS
Cross-Origin-Opener-Policy: cross-origin, cross-origin
ETag: W/"14237-1594834154000"
Expect-CT: enforce, max-age=60, enforce, max-age=60
X-Frame-Options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type: image/svg+xml
Cache-Control: no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials: true
Permissions-Policy: autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Accept-Ranges: bytes
X-Amz-Cf-Id: _yPR_xVYFfq5VOxXJjHph0vFiEHpRaQkzlAINzG9vtvfkj-lJdQWrg==

GET
H2 200 tag-registered.png
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/layout/shared/ 2 KB
2 KB 50ms
39ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/layout/shared/tag-registered.png?resize=*:60px
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a252ba80dd58425b6636b9b496c6a1f4d9f17c1ed1c613e69aac379deeaa6dc0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: HIT
age: 5532075
x-powered-by: Express
content-length: 2288
last-modified: Mon, 13 Feb 2023 14:10:51 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"8f0-1864b1d3912"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c569ac1748e-MIA
expires: Tue, 23 Jan 2024 08:39:18 GMT

GET
H2 200 ad-choice.png
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/oncology/1/footer-images/ 790 B
879 B 52ms
41ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/oncology/1/footer-images/ad-choice.png
Requested by: Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a23c2ecb8275559273d6cd16250ba4d97bb0464c24c722a346f8136edc912247

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: HIT
age: 5357809
x-powered-by: Express
content-length: 790
last-modified: Mon, 13 Feb 2023 14:10:51 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"316-1864b1d384d"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c569ac2748e-MIA
expires: Tue, 23 Jan 2024 08:39:18 GMT

GET
H2 200 ios-dwnld.png
img.webmd.com/vim/live/webmd/consumer_assets/site_images/tocs/community/thumbnails/ 1 KB
2 KB 50ms
41ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/webmd/consumer_assets/site_images/tocs/community/thumbnails/ios-dwnld.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bf08564bdd85bcb3eb39e90e5fdae61142439bd23c433292163895f3bbcbad52

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: HIT
age: 5702516
x-powered-by: Express
content-length: 1502
last-modified: Mon, 31 Jul 2023 20:19:42 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"5de-189ad9b4780"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c569ac4748e-MIA
expires: Tue, 23 Jan 2024 08:39:18 GMT

GET
H2 200 android-dwnld.png
img.webmd.com/vim/live/webmd/consumer_assets/site_images/tocs/community/thumbnails/ 1 KB
2 KB 51ms
43ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/vim/live/webmd/consumer_assets/site_images/tocs/community/thumbnails/android-dwnld.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 12f78deb739f0c1f8df9ac7212f67b2fb6e7ab353724c49121f82a1d29f09e95

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: HIT
age: 5701021
x-powered-by: Express
content-length: 1534
last-modified: Mon, 31 Jul 2023 20:14:22 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"5fe-189ad96656e"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c569ac5748e-MIA
expires: Tue, 23 Jan 2024 08:39:18 GMT

GET
H2 200 follow-checkmark.png
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/newsletters/overlay/ 1018 B
1 KB 47ms
39ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/newsletters/overlay/follow-checkmark.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: be31995b68aeb55f0e1ab947ba6e3fbf3cc14575792f2ae524d509a2b1ceae08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
cf-cache-status: HIT
age: 5334871
x-powered-by: Express
content-length: 1018
last-modified: Mon, 13 Feb 2023 14:19:24 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"3fa-1864b250c7a"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c569ac7748e-MIA
expires: Tue, 23 Jan 2024 08:39:18 GMT

GET
H2 200 RCe3e534ad14e9479c9c8c17acb33769b3-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 338 B
475 B 80ms
76ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RCe3e534ad14e9479c9c8c17acb33769b3-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e43cced0af9bdf5bbe261d312b3f0b85b3bb55b2cb0c6767497c8a4c8fcc1b73

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 218
expires: Mon, 22 Jan 2024 09:39:18 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/ 430 KB
135 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d13cfeb68d1dd40526d00e29dfa3eaf1c163ad2ac341fe4dc61a3b01c5b1311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:24:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 900
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138162
x-xss-protection: 0
server: cafe
etag: 1666572220375911148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 21 Jan 2025 08:24:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 69 B
86 B 315ms
183ms XHR
application/json 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cffr01.ourmd.store

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a86323de6db05a3bf733837fc841ae486dacfa42072c11fc8f9ba59eb9637971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Better...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Bette...

0
225 B

73ms
73ms

Image
text/plain

13.35.93.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Better%20health.&c9=
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Server: 13.35.93.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-67.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
via: 1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P8
x-amz-cf-id: ZMe1CzxnrjErL4dnNYGXkL3vpX-rTKAhYwf_m6bWba-5a3UP31qI4w==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 22 Jan 2024 08:39:18 GMT
via: 1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P8
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035829&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1705912758889&ns_c=UTF-8&c7=https%3A%2F%2Fcffr01.ourmd.store%2F&c8=WebMD%20-%20Better%20information.%20Better%20health.&c9=
content-length: 0
x-amz-cf-id: D_fRyMbRNlpcSDznlAbkKKMa41FqbQsTqAaycvYhur00piihsN20nQ==

GET
H2 200 3100 Show response
config.aps.amazon-adsystem.com/configs/ 532 B
797 B 228ms
47ms Script
application/javascript 108.138.106.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3100
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-59.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: dcdefcc4fb6721539a89c0d5d132082c5b63d63e3633ccd2810107e3c9bd3a86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 07:48:19 GMT
via: 1.1 472c04481f2812a974e09db484cbbc3a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P3
age: 3060
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 532
x-amz-cf-id: ccgiogOiftoKrnUS1es20lhiUJokGN-rO9Ry4UUO1GQ7R4Le9_1GEw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
3 KB 73ms
71ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3100&u=https%3A%2F%2Fcffr01.ourmd.store
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: af76d25835a302abbffe404f327be8f4af4c3f87f58179ca6284976dc044755d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 03:44:10 GMT
via: 1.1 01b6e75b22243ae76d6d282c014927c6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 17707
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 2452
x-amz-cf-id: eVRXbJst5p_08MscK_Z6ecMsWFSdjZfhqhRkTap1olIF1yHNBuF2Og==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 261ms
122ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: fCyew8-QK8_xNmembpDUKQGAeizSkARJ9gDJE0Rv8aEIZPjL3VKkyg==

GET
H2 200 ucreative.js
hbx.media.net/__media__/js/ 0
2 KB 170ms
170ms Other
application/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/__media__/js/ucreative.js?cv=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

server-18-173-138-29.jfk52.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:18 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=432000
content-length: 2178
x-mnet-hl2: E
expires: Sat, 27 Jan 2024 08:39:18 GMT

GET
H2 200 RCd9c719e829494858a5a34f2b1780a8d5-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 1 KB
939 B 73ms
73ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RCd9c719e829494858a5a34f2b1780a8d5-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dc98645f8afa36233efebb987adc2ec6dff7d06d78d07ae5173f1f3a8be4e95a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 681
expires: Mon, 22 Jan 2024 09:39:18 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 139ms
26ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1705912758963&id=t2_109a14pl&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=885142c9-f031-414b-a82e-336b45dfb1a4&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_97292340&dpm=&dpcc=&dprc=
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 403 adsct
t.co/i/ 0
0 248ms
128ms Image
application/json 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.co/i/adsct?bci=3&eci=2&event_id=4c1db3e4-b670-420e-b561-c4cb62fb8012&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ea541600-d45d-4498-b18e-c2c821dd7a81&tw_document_href=https%3A%2F%2Fcffr01.ourmd.store%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxo3v&type=javascript&version=2.3.29
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 403 adsct
analytics.twitter.com/i/ 0
0 235ms
104ms Image
application/json 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4c1db3e4-b670-420e-b561-c4cb62fb8012&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ea541600-d45d-4498-b18e-c2c821dd7a81&tw_document_href=https%3A%2F%2Fcffr01.ourmd.store%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nxo3v&type=javascript&version=2.3.29
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 carefinder Show response
www.webmd.com/kapi/secure/phydir/ 2 KB
2 KB 313ms
303ms XHR
application/json 104.18.34.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webmd.com/kapi/secure/phydir/carefinder?topicid=1728&capid=091e9c5e823d0cb2&lat=40.8&lon=-73.97

Requested by

Host: img.wbmdstatic.com
URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/js/chunk-vendors.bedba5cb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.238 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0a33d147db94ff7053420143aab1755589243aab74eb31957392570a3d325424

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
timestamp: 1705912758
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
enc_data: /T8TBURP4zi0XMYqUse3CLcMQ7AD4SF+MAoVeKY0NQU=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
client_id: ffd1790e-63c1-4c47-a6b9-e78fddd2de60

Response headers

x-cache-duration: -1
content-encoding: gzip
x-serviceurl-query: false
x-redis: redis_server_2
x-cache-key: null
x-service-url: http://production-webmd-care-seo-redesign-api.webmd-prod/phydir/carefinder?topicid=1728&capid=091e9c5e823d0cb2&lat=40.8&lon=-73.97
x-cache-reason: routing
x-ab-test-id: default
x-cache-time: Monday, 22-Jan-2024 08:39:19 GMT
x-route: pg
x-oauth: true
x-served-by-system: Platform-Nginx-Caching
etag: W/"9f8-rBRAdNb4Pob1Uksi/8hQQOuxRhY"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-header: false
cache-control: no-cache, proxy-revalidate
x-edge-cache-expiry: cache_expiry_time_not_available
x-edge-cache-duration: -1
x-cache-expiry: cache_expiry_time_not_available
x-ngxdatacenter: MA1
access-control-allow-headers: *
x-robots-tag: noindex
date: Mon, 22 Jan 2024 08:39:19 GMT
cf-cache-status: DYNAMIC
x-skipcache-by-query: 0
x-route-akamai: N/A
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-cache-2: BYPASS
x-location: secure
x-cache: MISS
x-powered-by: Express
x-internalk8s-service: true
content-length: 1001
x-xss-protection: 1; mode=block
x-runtime: new
x-cf-ray: ngx-a461e0ac-93de-4c4d-9a2a
last-modified: Mon, 22 Jan 2024 08:39:19 GMT
server: cloudflare
x-datacenter: MA1
x-active-active: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLS6K1yvfr7siZnOyyaC6Du%2FwtlfRtjYZatNpU4a5zZZ6htHuLnTNHzRu2Kf9J2h9kz8oEgBWsLZfmcJkiDre6QVT%2F9fFkpIxg7RKrWeo%2FsIW0T%2B9eNFOgzTrg6CYKE%3D"}],"group":"cf-nel","max_age":604800}
x-true-client-ip: 38.132.118.67
access-control-allow-credentials: true
cf-ray: 84967c586fd174ca-MIA
x-ab-test-name: default
x-skipcache: 0
x-cf-request-id: ngx-9a1fae59-0b07-44e6-886a-fe1dd27c4fb2

OPTIONS
H2 200 carefinder
www.webmd.com/kapi/secure/phydir/ Frame 0
0 87ms
86ms Preflight
application/json 104.18.34.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.webmd.com/kapi/secure/phydir/carefinder?topicid=1728&capid=091e9c5e823d0cb2&lat=40.8&lon=-73.97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.34.238 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: client_id,enc_data,timestamp
Access-Control-Request-Method: GET
Origin: https://cffr01.ourmd.store
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: *
cache-control: no-cache, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84967c57df8474ca-MIA
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 22 Jan 2024 08:39:19 GMT
etag: W/"37-luiPaVPqlJ7ABFMGK60vnWGwTII"
last-modified: Mon, 22 Jan 2024 08:39:19 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GBnuTcLPjGtDhZ%2BZP53AcUbZrAqipVzBq3s0jLuL46qUaN8qE4hqxPMjvqpGajzzdAttUf3oqYfBTprjZTLdWlEBySmPL5KHb3EMJxzVriVwJ6zCKAD7CuqOf8Mu44%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-ab-test-id: default
x-ab-test-name: default
x-active-active: 0
x-cache: BYPASS
x-cache-2: BYPASS
x-cache-duration: -1
x-cache-expiry: cache_expiry_time_not_available
x-cache-key: www.k8s.webmd.com/kapi/secure/phydir/carefinder?topicid=1728&capid=091e9c5e823d0cb2&lat=40.8&lon=-73.97
x-cache-reason: routing
x-cache-time: Monday, 22-Jan-2024 08:39:19 GMT
x-cf-ray: ngx-42d4394a-a5d7-4345-8054
x-cf-request-id: ngx-03028b5e-bbdb-41b5-8bfd-040c797a3e95
x-datacenter: MA1
x-edge-cache-duration: -1
x-edge-cache-expiry: cache_expiry_time_not_available
x-header: false
x-internalk8s-service: true
x-location: secure
x-ngxdatacenter: MA1
x-oauth: true
x-powered-by: Express
x-redis: redis_server_2
x-robots-tag: noindex
x-route: pg
x-route-akamai: N/A
x-runtime: new
x-served-by-system: Platform-Nginx-Caching
x-service-url: http://production-webmd-care-seo-redesign-api.webmd-prod/phydir/carefinder?topicid=1728&capid=091e9c5e823d0cb2&lat=40.8&lon=-73.97
x-serviceurl-query: false
x-skipcache: 0
x-skipcache-by-query: 0
x-true-client-ip: 38.132.118.67
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
682 B 222ms
63ms XHR
text/xml 3.239.232.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D25%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=25
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.239.232.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-239-232-253.compute-1.amazonaws.com
Software: /
Resource Hash: 54895f3c1d59e1322a51f78f732119a6e62ed67906bba25c8c40b5b4d942234e

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Mon, 22 Jan 2024 08:39:19 GMT
connection: keep-alive
x-amzn-RequestId: c08475be-04d5-5016-abb6-2b962f222713
Content-Length: 378
Content-Type: text/xml

GET
H2 200 main.MTc3MGUxMzJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 396 KB
103 KB 70ms
66ms Script
application/javascript 23.48.224.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9QIOIBC77UCFR8R5RE0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-108.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 21baf59d
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202401121632230DEFD51DA1A609612812
x-tt-trace-id: 00-2401121632230DEFD51DA1A609612812-7E132682A68C8DA6-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d2d7c24e93ff2c49e4186091530f00d2227df7e5f3befa98a912c9ada1515febcde831904c1a0a04cd9e931b1a3c5650d6df20e0113ce883ef4bb8066d05ad6c88133fdbf04b866b60275d8a1a458b5a665db14a4efb71412aa5cfa49b4228b1
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 105233

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 299ms
88ms Script
application/javascript 23.7.29.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.7.29.146 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-7-29-146.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 22 Jan 2024 08:54:19 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
39 KB 230ms
72ms Script
text/javascript 108.138.128.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-34.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 22:23:47 GMT
via: 1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P4
age: 36933
etag: "6e8b1f94eaf615b7d0953ad4e8d8bb85"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
content-length: 39537
x-amz-cf-id: ImRgc_EGgtDXquJU7uo5tBmoodeDoj3OYxAcAYRAv0-8OMnKRV4OYg==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 10 KB
4 KB 159ms
45ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497d93c13f61bf8214719cab3a9d1b3b58d84009d36b640f12e257b733fb249a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 19:21:35 GMT
server: cloudflare
age: 390833
etag: W/"65833ebf-2810"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84967c58ce3074c0-MIA
expires: Thu, 25 Jan 2024 08:39:19 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 50ms
50ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: N0T2VEYFY8D7VBKM
age: 1006
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84967c57fee39ae6-MIA
x-amz-id-2: QG3GQHWHEK4PI9Elqt0k2lf3FkJPZQHJIyhEgU17iMqYUseNkJKf/47z+zFT0BDXz9hREODqxCvLlV8KiEA0bQ==

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 142ms
49ms Script
application/javascript 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6857163
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HEBSNW6YW8DYNA1J21M60Q76-mia
server: cloudflare
etag: W/"2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84967c58b97e31d7-MIA

GET
H2 200 RC226e9bcf0a2a4ebabb1e6c96cebde48a-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 752 B
722 B 73ms
72ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RC226e9bcf0a2a4ebabb1e6c96cebde48a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5afb37f9d9c205be32516be9a2afa2c976b8238fa186292cae6c17a3ca1d43a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 464
expires: Mon, 22 Jan 2024 09:39:19 GMT

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 75ms
68ms Script
application/javascript 2600:141b:1c00:2586::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:2586::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 19076

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 64 B
504 B 305ms
108ms XHR
text/javascript 18.173.138.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3100&u=https%3A%2F%2Fcffr01.ourmd.store%2F&pid=zLozF0JQQFstY&cb=0&ws=1600x1200&v=24.116.2102&t=800&slots=%5B%7B%22sd%22%3A%22hp-instream-ad-1%22%2C%22s%22%3A%5B%22728x90%22%2C%221x9%22%2C%221x16%22%2C%22728x92%22%5D%2C%22sn%22%3A%22%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd%2Fhp-instream-ad-1%22%7D%2C%7B%22sd%22%3A%22hp-instream-ad-2%22%2C%22s%22%3A%5B%22728x90%22%2C%221x9%22%2C%221x16%22%2C%22728x92%22%5D%2C%22sn%22%3A%22%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd%2Fhp-instream-ad-2%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.138.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 0bec03027031f991ae9cc48b95f1b35c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK52-P2
x-amz-rid: E9S239ZF63X9HJKARYPP
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: S3hRKmlz-oK0DyEtQC2E9GJ_JehQqNNjChD9eSYr01c-2Dn4ctYcLw==

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/ids/ 13 B
309 B 137ms
87ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/ids/pub.json?ctx=17778638&cmp=DV587414&url=https%3A%2F%2Fcffr01.ourmd.store&ids=1&token=default

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44d6d1f2648e7469518e4c7c2434917f72f734dfb30716ea66a139ff4b6eb53b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: origin, x-forwarded-for, user-agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: private, max-age=900
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 84967c59eab27429-MIA
content-length: 13
alt-svc: h3=":443"; ma=86400

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/bsc/ 40 B
277 B 142ms
94ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/bsc/pub.json?ctx=17778638&cmp=DV587414&url=https%3A%2F%2Fcffr01.ourmd.store&bsc=1&abs=1&token=default

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

923ce7ff9707cac6ad46a29b6c6e3d987b95ab93fa16ee854914dc1681d70697

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 84967c59eab17429-MIA
content-length: 40
alt-svc: h3=":443"; ma=86400

GET
H3 200 pub.json Show response
pub.doubleverify.com/dvtag/signals/vlp/ 113 B
283 B 179ms
131ms Fetch
application/json 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/signals/vlp/pub.json?ctx=17778638&cmp=DV587414&url=https%3A%2F%2Fcffr01.ourmd.store&vlp=1&tvp=1&slot-0-%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd=1x8%2C970x251&slot-1-%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd=1x1&slot-2-%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd=&slot-3-%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd=&token=default

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2dc34b53ba6d82ebf79bdb9908ff95e20a54b039e18556356cba8c5223bbdd7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
content-security-policy: frame-ancestors 'self'
server: cloudflare
vary: origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Server-Timing, Cf-Ray
cache-control: public, max-age=43200
access-control-allow-credentials: true
timing-allow-origin: *
cf-ray: 84967c59eab37429-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 428750600651790 Show response
connect.facebook.net/signals/config/ 139 KB
37 KB 253ms
245ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/428750600651790?v=2.9.141&r=stable&domain=cffr01.ourmd.store

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7abac73269b9d623096ce211a4167292f6bd87a9a460264b6527c7fa4a99fcc0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 22 Jan 2024 08:39:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: eVPA7PoWgs0fuM9ChcuH/1esZ2AsiE0ewFOjHjqkA5Dl8a9LgUn4pLJjQ9PFI22m1RXGieAy3i0QqwWRnqcxDg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 787.json Show response
id5-sync.com/g/v2/ 630 B
1 KB 446ms
142ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/787.json

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

5395fed40dc322c9bbdb839425e0b9214f35f6ea0257f505d6f032eea5826b38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cffr01.ourmd.store
date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 25712 Show response
idx.liadm.com/idex/unknown/ 50 B
458 B 252ms
78ms XHR
application/json 54.210.6.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/25712?duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&resolve=nonId

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.6.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-6-32.compute-1.amazonaws.com

Software

Resource Hash

d7da589a8137a1050d92652aa2328eb52d5c4f7736c7a4a621b4ca7faff40676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 19
content-type: application/json
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=86399, private
access-control-allow-credentials: true
trace-id: e09b42d9151ae74e
content-length: 50
expires: Tue, 23 Jan 2024 08:39:19 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 75 B
826 B 231ms
68ms XHR
application/json 50.19.176.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=false
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.176.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-176-119.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8becb45cfc023660fd08a080390f477da5d98ca143ba19c7cb4e4690cc4c001d

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache
x-server: 10.40.51.146
access-control-allow-credentials: true
content-length: 75
expires: 0

GET
H2 200 rtbsmcpubs.php Show response
hbx.media.net/ 22 KB
3 KB 194ms
191ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/rtbsmcpubs.php?&prvReqId=12413355560735271705912759487&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*4%7C300x250%7C8CU12LGKP%7C364830839%7C%7C%7C1%40356136642*4%7C728x90%7C8CU12LGKP%7C544325350%7C%7C%7C1%40388736527*4%7C160x600%7C8CU12LGKP%7C291947708%7C%7C%7C1%40638432657*4%7C300x250%7C8CU12LGKP%7C914763377%7C%7C%7C1%40656615527*4%7C300x600~300x250%7C8CU12LGKP%7C218328618~463247757%7C%7C%7C1%40758214918*4%7C1x9%7C8CU12LGKP%7C103562752%7C%7C%7C1%40867238351*4%7C728x90%7C8CU12LGKP%7C437029077%7C%7C%7C1&hlt=1&rt=5&tscode=1&ugd=4&ismac=0&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&prid=8PRVCXX19&act=akamai&source=akamai&usp_enf=1&usp_status=0&callback=window.advBidxc.akmscript3196

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

f625b93af7a35baa661736be2905a191ffeb62cf86b86d3ab4a9a16d189b9dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 3250
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 54 B
296 B 199ms
58ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&j=window.advBidxc.crt&gdpr=0&gdpr_consent=&us_privacy=&gdpr_pd=0

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

34fdabcecf8abe48ca921b23839ca6304ae4942011b527b1ec160a991d53bb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 303396
expires: 60

GET
H2 200 pubcid.php Show response
hbx.media.net/ 57 KB
18 KB 77ms
76ms Script
text/html 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.conv

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

df87c420069aad7858afc8b181fa6fb68e6deaeb81d73659e7c22f1b480f5d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1800
content-length: 18527
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 09:09:19 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 15 KB
7 KB 298ms
181ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: e2370991b63fe2e9b60aaa7852708a27dff545ca0b75c5f24df7e3481135de73

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 103
alt-svc: clear
expires: Mon, 22 Jan 2024 08:39:19 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 16 KB
7 KB 270ms
171ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 822649d0ff00789a0398ec9c798513923b35942c3d6e0584d4ff53e175869f44

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 123
alt-svc: clear
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H2 200 tcb.js Show response
contextual.media.net/ 82 KB
12 KB 318ms
101ms Script
text/javascript 23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/tcb.js?&cb=window.advBidxc.nativetemplatefetch&req=T31K017_300x160%7CT31K017_728x90%7CT9VJI4H_728x90%7CTB13F85_1x7%7CTEU8ETI_1x9%7CTEU8ETI_300x250%7CTNG7O25_300x600%7CTU6BMCI_160x600&v=21|20|22|22|22|22|22|22

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

505c0f85bccd8c9f97bc5498e0d49f2496a8163e8a19d4345fecde9809a76efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Apache
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=172800
alt-svc: h3=":443"; ma=93600
content-length: 12502
expires: Wed, 24 Jan 2024 08:39:19 GMT

GET
H2 200 mcx.js Show response
hbx.media.net/ 299 B
495 B 393ms
392ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/mcx.js?&callback=window.advBidxc.contextualcallback&cid=8CU66J63J&dn=cffr01.ourmd.store&icode=cop&itype=HB&rt=2&url=https%3A%2F%2Fcffr01.ourmd.store%2F&ver=2

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ac688c0b2971b12ed302f628849d49bbd2918157281abf027e9d1eeeea87c2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, no-cache
content-length: 299
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H2 200 RC84033c73af254684bf88d84677f1a17a-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 3 KB
1 KB 96ms
73ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RC84033c73af254684bf88d84677f1a17a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ca0e5bc9a03de7bc1d161949e0cc655c2e9550867556cefe97c4a8eb623cc94d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1093
expires: Mon, 22 Jan 2024 09:39:19 GMT

GET
H2 200 230x50-NYP-Logo.png
img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/logos/client/carefinder/NYP/ 2 KB
3 KB 53ms
44ms Image
image/webp 172.64.154.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.webmd.com/dtmcms/live/webmd/consumer_assets/site_images/logos/client/carefinder/NYP/230x50-NYP-Logo.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.64.154.8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3de03ab956d394ea1edfa38e8f37d4a32ea03c1d78cc76db165bb570f1d723c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
cf-cache-status: HIT
age: 5331697
x-powered-by: Express
content-length: 2456
last-modified: Mon, 13 Feb 2023 14:13:20 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"998-1864b1f7ed6"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 84967c5bcd38748e-MIA
expires: Tue, 23 Jan 2024 08:39:19 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 136 KB
11 KB 182ms
86ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=29961215435659291705912759515&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*23%7C300x250%7C1037255%7C19266772%7C%7C%7C1%40170485818*29%7C300x250%7C16268%7C119514_564734_15%7C%7C%7C1%40170485818*54%7C300x250%7C8CU66J63J%7C758214918%7C%7C%7C1%40170485818*79%7C300x250%7C156459%7C2669651_667269%7C%7C%7C1%40170485818*96%7C300x250%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C1%40170485818*229%7C300x250%7C8CU734595%7C375117874%7C%7C%7C1%40170485818*441%7C300x250%7C934769%7C758214918_934769%7C0.05%7C%7C1%40170485818*4%7C300x250%7C8CU12LGKP%7C364830839%7C%7C%7C1%40356136642*23%7C728x90%7C1037255%7C11572292%7C%7C%7C1%40356136642*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40356136642*54%7C728x90%7C8CU66J63J%7C356136642%7C%7C%7C1%40356136642*79%7C728x90%7C156459%7C1163484_215505%7C%7C%7C1%40356136642*96%7C728x90%7C8CU66J63J%7C356136642_728x90%7C%7C%7C1%40356136642*107%7C728x90%7C562650%7C733000%7C%7C%7C1%40356136642*229%7C728x90~970x250~970x90%7C8CU734595%7C182703547~247181456~431545882%7C%7C%7C1%40356136642*441%7C728x90~970x250~970x90%7C934769%7C356136642_934769~356136642_934769~356136642_934769%7C0.05%7C%7C1%40356136642*4%7C728x90%7C8CU12LGKP%7C544325350%7C%7C%7C1%40388736527*23%7C160x600%7C1037255%7C11572293%7C%7C%7C1%40388736527*29%7C160x600%7C16268%7C119514_564734_9%7C%7C%7C1%40388736527*54%7C160x600%7C8CU66J63J%7C388736527%7C%7C%7C1%40388736527*79%7C160x600%7C156459%7C1163482_215505%7C%7C%7C1%40388736527*96%7C160x600%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C1%40388736527*107%7C160x600%7C562650%7C733002%7C%7C%7C1%40388736527*229%7C160x600%7C8CU734595%7C856388266%7C%7C%7C1%40388736527*441%7C160x600%7C934769%7C388736527_934769%7C0.05%7C%7C1%40388736527*4%7C160x600%7C8CU12LGKP%7C291947708%7C%7C%7C1%40638432657*23%7C300x50~300x250~320x50%7C1037255%7C19830371~19830371~19830371%7C%7C%7C1%40638432657*29%7C300x50~300x250~320x50%7C16268%7C119514_564734_44~119514_564734_15~119514_564734_43%7C%7C%7C1%40638432657*54%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657~638432657~638432657%7C%7C%7C1%40638432657*79%7C300x250~320x50%7C156459%7C4039456_215505~4039457_215505%7C%7C%7C1%40638432657*96%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657_8CU66J63J~638432657_8CU66J63J~638432657_8CU66J63J%7C%7C%7C1%40638432657*441%7C300x50~300x250~320x50%7C934769%7C638432657_934769~638432657_934769~638432657_934769%7C0.05%7C%7C1%40638432657*4%7C300x250%7C8CU12LGKP%7C914763377%7C%7C%7C1%40656615527*23%7C300x600~300x250%7C1037255%7C11572290~11572290%7C%7C%7C1%40656615527*29%7C300x600~300x250%7C16268%7C119514_564734_10~119514_564734_15%7C%7C%7C1%40656615527*54%7C300x600~300x250%7C8CU66J63J%7C656615527~656615527%7C%7C%7C1%40656615527*79%7C300x250%7C156459%7C1163480_215505%7C%7C%7C1%40656615527*96%7C300x250%7C8CU66J63J%7C656615527_300x250%7C%7C%7C1%40656615527*107%7C300x600%7C562650%7C733001%7C%7C%7C1%40656615527*229%7C300x600~300x250%7C8CU734595%7C277543751~375117874%7C%7C%7C1%40656615527*441%7C300x600~300x250~300x251~300x1050%7C934769%7C656615527_934769~656615527_934769~656615527_934769~656615527_934769%7C0.05%7C%7C1%40656615527*4%7C300x600~300x250%7C8CU12LGKP%7C218328618~463247757%7C%7C%7C1%40758214918*54%7C1x9%7C8CU66J63J%7C758214918%7C%7C%7C1%40758214918*3003%7C1x1_TEU8ETI_1%7C1037255%7C14309511%7C%7C%7C3%40758214918*3054%7C1x1_TEU8ETI_1%7C562650%7C733010%7C%7C%7C3%40758214918*4%7C1x9%7C8CU12LGKP%7C103562752%7C%7C%7C1%40867238351*23%7C728x90%7C1037255%7C19266769%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.4852932723210581&tscode=1&crid=170485818%2C356136642%2C388736527%2C638432657%2C656615527%2C758214918%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2235448771673362901705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2247780706923713421705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2244210259119065401705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2250511821811741811705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2218131492361503101705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284704946519523801705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2251074294391383041705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%5D&pinfo=%7B%2223%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%2C%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

fa6b14bec1492803c32da700844d5e0717ca680c36587b16dc90d457b61fa4d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 22 KB
5 KB 163ms
68ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=25275386972588281705912759530&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40867238351*54%7C728x90%7C8CU66J63J%7C867238351%7C%7C%7C1%40867238351*79%7C728x90%7C156459%7C2918487_215505%7C%7C%7C1%40867238351*96%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C1%40867238351*107%7C728x90%7C562650%7C733019%7C%7C%7C1%40867238351*229%7C728x90%7C8CU734595%7C182703547%7C%7C%7C1%40867238351*441%7C728x90%7C934769%7C867238351_934769%7C0.05%7C%7C1%40867238351*4%7C728x90%7C8CU12LGKP%7C437029077%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.08976922250216557&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2235448771673362901705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2247780706923713421705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2244210259119065401705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2250511821811741811705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2218131492361503101705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284704946519523801705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2251074294391383041705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%5D&pinfo=%7B%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

8e318a39e11276590464d3fc58f297e45bc65e80714133f7575ed1110d6d1b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 44 KB
3 KB 151ms
56ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=68449181922164201705912759541&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*29%7C300x250%7C16268%7C119514_564734_15%7C%7C%7C1%40170485818*54%7C300x250%7C8CU66J63J%7C758214918%7C%7C%7C1%40170485818*79%7C300x250%7C156459%7C2669651_667269%7C%7C%7C1%40170485818*96%7C300x250%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C1%40356136642*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40356136642*54%7C728x90%7C8CU66J63J%7C356136642%7C%7C%7C1%40356136642*79%7C728x90%7C156459%7C1163484_215505%7C%7C%7C1%40356136642*96%7C728x90%7C8CU66J63J%7C356136642_728x90%7C%7C%7C1%40356136642*107%7C728x90%7C562650%7C733000%7C%7C%7C1%40388736527*29%7C160x600%7C16268%7C119514_564734_9%7C%7C%7C1%40388736527*54%7C160x600%7C8CU66J63J%7C388736527%7C%7C%7C1%40388736527*79%7C160x600%7C156459%7C1163482_215505%7C%7C%7C1%40388736527*96%7C160x600%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C1%40388736527*107%7C160x600%7C562650%7C733002%7C%7C%7C1%40638432657*29%7C300x50~300x250~320x50%7C16268%7C119514_564734_44~119514_564734_15~119514_564734_43%7C%7C%7C1%40638432657*54%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657~638432657~638432657%7C%7C%7C1%40638432657*79%7C300x250~320x50%7C156459%7C4039456_215505~4039457_215505%7C%7C%7C1%40638432657*96%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657_8CU66J63J~638432657_8CU66J63J~638432657_8CU66J63J%7C%7C%7C1%40656615527*29%7C300x600~300x250%7C16268%7C119514_564734_10~119514_564734_15%7C%7C%7C1%40656615527*54%7C300x600~300x250%7C8CU66J63J%7C656615527~656615527%7C%7C%7C1%40656615527*79%7C300x250%7C156459%7C1163480_215505%7C%7C%7C1%40656615527*96%7C300x250%7C8CU66J63J%7C656615527_300x250%7C%7C%7C1%40656615527*107%7C300x600%7C562650%7C733001%7C%7C%7C1%40758214918*54%7C1x9%7C8CU66J63J%7C758214918%7C%7C%7C1%40758214918*3003%7C1x1_TEU8ETI_1%7C1037255%7C14309511%7C%7C%7C3%40867238351*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40867238351*54%7C728x90%7C8CU66J63J%7C867238351%7C%7C%7C1%40867238351*79%7C728x90%7C156459%7C2918487_215505%7C%7C%7C1%40867238351*96%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C1%40867238351*107%7C728x90%7C562650%7C733019%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.2475613910077732&tscode=1&crid=170485818%2C356136642%2C388736527%2C638432657%2C656615527%2C758214918%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2296384948539724481705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2215818644248967541705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2234494261319287381705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2258696522548429781705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2259468938561200001705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2296714336225598401705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2219206032018205761705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%5D&pinfo=%7B%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

1c90dbafdb75f1b30f9fd04ca5bac05af35c25558a1cf407c2ea784e027f133f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 67ms
67ms Script
application/javascript 23.48.224.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-108.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 21bb0036
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240104151451DB061653E0421D4370EB
x-tt-trace-id: 00-240104151451DB061653E0421D4370EB-4651735D7D7D4739-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e02dc4431cff0f39f8dbd13845277e5f3cbc20fca92aac715ef6568e8bce9aedafa88abc40a40c304d822eaef1d092d432950ba7fadf1c6a22aa1f4bcaf4102858ee8def5b03d80531352872d26b6056154a74e8d1105b955f86733d72212efb
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 37086

GET
H2 200 199x199.png
a.mktgcdn.com/p/vzy_TLYYUyXB9hMT3WgEFsz3uS3B-fffnZuc4xuCoVo/ 80 KB
80 KB 190ms
86ms Image
image/png 2606:4700::6813:b456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mktgcdn.com/p/vzy_TLYYUyXB9hMT3WgEFsz3uS3B-fffnZuc4xuCoVo/199x199.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3cbf4cb6185325c1f61313dd680416ccf7b92dc1f9f7df9d9b9ce31b82a15a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2019 21:56:54 GMT
server: cloudflare
age: 586873
x-amz-request-id: 3TTAK6TY808WHTCW
etag: "3651bfb11ba1bddd874dbd86d3183481"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c5cb86a4bfc-MIA
content-length: 82036
x-amz-id-2: 0HVK672DmugmF3KJOMaEK1KuVMbEhFwPJqSMDt5jNsNLa34cYjxBJv31pR7PMN86g0/1q9ZZ+EE=
expires: Tue, 21 Jan 2025 08:39:19 GMT

GET
H2 200 star-off.094a273f.svg
img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/ 502 B
473 B 48ms
38ms Image
image/svg+xml 2606:4700:4400::6812:253c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wbmdstatic.com/webmd_static_vue/091e9c5e823d0cb2-alloy-vue3/client/img/star-off.094a273f.svg
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:253c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4b42ce7460cb952205ac13c6eb00f3e044f3713893047ab527a4a4a57882e317

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4564122
x-powered-by: Express
last-modified: Tue, 28 Nov 2023 11:55:44 GMT
server: cloudflare
x-datacenter: MA1
etag: W/"1f6-18c15c905e0"
vary: Accept-Encoding
x-compressed-by: webmd
content-type: image/svg+xml
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 84967c5c2e436dd4-MIA
expires: Mon, 22 Jan 2024 12:39:19 GMT

GET
H2 200 640x640.png
a.mktgcdn.com/p/bPacBXCE1LrZd2JZMBF8Qf4JJBzAL2RFpwgiuMroiyU/1.0000/ 380 KB
381 KB 190ms
87ms Image
image/png 2606:4700::6813:b456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mktgcdn.com/p/bPacBXCE1LrZd2JZMBF8Qf4JJBzAL2RFpwgiuMroiyU/1.0000/640x640.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3fbcf4b7cf5094a5bb6e7a613b4a2867ab93ac4cef721be483a94f3318bedc6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Jan 2024 14:02:03 GMT
server: cloudflare
age: 464071
x-amz-request-id: KA5S0RS6MXFBZ72G
etag: "3208443e311263d0b2cf0bff27f0e2e9"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c5cb86b4bfc-MIA
content-length: 389013
x-amz-id-2: R73H13ixst/Jg9lZtwLNrvXkQJien0AhcuihKiGk/wedZctzUBjZ9PLvU+qK3uXCG9ArT1DtgY0=
expires: Tue, 21 Jan 2025 08:39:19 GMT

GET
H2 200 199x199.png
a.mktgcdn.com/p/BtA6OEsiQUgknNCBPcy4a_pKhiCRGmPt_X0uN7B95WE/ 82 KB
83 KB 147ms
48ms Image
image/png 2606:4700::6813:b456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.mktgcdn.com/p/BtA6OEsiQUgknNCBPcy4a_pKhiCRGmPt_X0uN7B95WE/199x199.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:b456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06d03a384b224148249cd0813dccb86bfa4a8620911a63edfd7d2e37b07de561

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:19 GMT
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2019 22:05:50 GMT
server: cloudflare
age: 254114
x-amz-request-id: V7YZPZVPC8FKHPJB
etag: "2c3dd27274c4a094059a9ac87d5eb81e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84967c5cb86c4bfc-MIA
content-length: 84262
x-amz-id-2: vOmOl+owjpXPbvzKlTJOYE+XWhUWNaJgNYvOcNt95Q759vRXtb00IpkJwCJaf0Lmb+AR3Hg6Szs=
expires: Tue, 21 Jan 2025 08:39:19 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
843 B 130ms
129ms Ping
text/plain 23.48.224.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-108.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d797340.21bb029d
date: Mon, 22 Jan 2024 08:39:19 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24012208391962DAD1A7029340FF0DE6-2D638A0ABD9CC262-00
x-cache: TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 46,23.195.36.76
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=39, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024012208391962DAD1A7029340FF0DE6
x-cache-remote: TCP_MISS from a104-78-78-4.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,104.78.78.4
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa87a7f1e5e89483f92d21739b5f83c989eb3420a98e1b33e95c8f22c3e33890dbfc2c57099e5d34f4353019a5862e05046a26dc257974c2c632c87d47995bf200fc5b06c88064756b2de493eeba7b9729c53df9305bbcb394c4812fe47546ab0f57
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H2 200 rtbsmcpubs.php Show response
hbx.media.net/ 4 KB
2 KB 166ms
162ms Script
text/javascript 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/rtbsmcpubs.php?&prvReqId=33800787895328441705912759814&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*4%7C728x90%7C8CU12LGKP%7C437029077%7C%7C%7C1&hlt=1&rt=5&tscode=1&ugd=4&ismac=0&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&prid=8PRVCXX19&act=akamai&source=akamai&usp_enf=1&usp_status=0&callback=window.advBidxc.akmscript4736

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c7548e9c39092bfa133b079b3eb2d49e6bcd1b97d7e1e7cb9be982681ba749ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Mon, 22 Jan 2024 08:39:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
content-length: 2052
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:19 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 777 B
547 B 102ms
100ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: bf3fdd7e2ea7270f009f7d602cb48bd338823eb72ffa9d8f405d8364b1899202

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 52
alt-svc: clear
expires: Mon, 22 Jan 2024 08:39:19 GMT

POST
H2 200 hb Show response
hb-pb.media.net/rtb/ 777 B
547 B 95ms
91ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-pb.media.net/rtb/hb?cid=8CU66J63J
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: bd30e48af97094c962d9f0a176962c0cf8bf41a477617ce6d59048ff202a12b2

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 43
alt-svc: clear
expires: Mon, 22 Jan 2024 08:39:19 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 131 KB
24 KB 404ms
403ms Fetch
text/plain 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=191031758407756&correlator=4178138334840133&eid=31079957%2C31080256%2C31079233%2C31079724&output=ldjh&gdfp_req=1&vrg=202401160101&ptt=17&impl=fifs&iu_parts=4312434%2Cconsumer%2Cwebmd%2Chp-conwbmd&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x8%7C970x251%2C1x1%2C320x50%7C728x90%7C1x9%7C1x16%7C728x92%2C320x50%7C728x90%7C1x9%7C1x16%7C728x92&fluid=0%2C0%2Cheight%2Cheight&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1705912759891&adxs=315%2C-12245933%2C431%2C431&adys=8535%2C-12245933%2C766%2C3232&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C-1%7C0%7C2&ucis=1%7C2%7C3%7C4&oid=2&tos=~~~&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcffr01.ourmd.store%2F&vis=1&psz=1600x64%7C1600x0%7C1240x120%7C1240x1061&msz=1600x64%7C0x50%7C738x90%7C738x90&fws=0%2C128%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=745845248.1705912758&ga_sid=1705912760&ga_hid=1802229436&ga_fc=true&dlt=1705912757439&idt=1726&prev_scp=pos%3D922%26ad_slot%3Dad-pos-922-1%7Cpos%3D901%26ad_slot%3Dad-pos-901-1%7Cpos%3D141%26ad_slot%3Dhp-instream-ad-1%26strnativekey%3DkEMWZGoo8vzvtwJKrcPEDvnd%26amznbid%3D2%26amznp%3D2%26optimera%3DZ%2C1%2CD4%7Cpos%3D141%26ad_slot%3Dhp-instream-ad-2%26strnativekey%3DkEMWZGoo8vzvtwJKrcPEDvnd%26amznbid%3D2%26amznp%3D2%26optimera%3DNDS&cust_params=sname%3Dcore%26ecd%3D0%26aamid%3D0%26art%3D091e9c5e823d0cb2%26pg%3D1%26cc%3D83%26env%3D0%26hcent%3D%26leaf%3D17008%26mic%3D%26pt%3D1728%26sec%3D%26scent%3D%26tmg%3D%26tug%3D%26uri%3D%252Fdefault.htm%26rd%3D1%26tex%3Dvuejs%26segm%3D0%26bp%3D1%26lif%3D0%26saf%3D0%26iaf%3D1%26pvid%3D170591275976336023%26pimc%3D0%26fis%3D1%26fipt%3D1728%26pch%3D1%26amznbid%3D0%26amznp%3D0%26excl_cat%3Dssg&adks=1727100116%2C1230668854%2C3282889101%2C3282889090&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

029ec56a54f01e19cae2d36c8d1118f0b99bec3128368ff7377e1429f3b6388b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24827
x-xss-protection: 0
google-lineitem-id: 6333743408,6396973106,6478994126,6494257801
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138296496423,138441577174,138460198049,138458794120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2f9097dc16216dc172a7c2e4bb65b1e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FCBE 6 KB
3 KB 304ms
91ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f9097dc16216dc172a7c2e4bb65b1e4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 08:39:20 GMT
expires: Tue, 21 Jan 2025 08:39:20 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
714 B 323ms
78ms XHR
application/json 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2618142259440&cb=1705912760025&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.6a24c317.1705912760.6676f14c
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=600
content-length: 174
x-pinterest-rid: 7392679874544070
pin-unauth: dWlkPVpUZzRaVEl5WldZdFlUWXpOaTAwTUdOaExUZ3pObVF0TVRFeE1EQmxObVExWXpaaQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 304 B
693 B 315ms
77ms XHR
application/json 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&tid=2618142259440&cb=1705912760027&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

64d82f5d2dfd91262b776894417faaedf2159d900d80de148affcb57beee794d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.6a24c317.1705912760.6676f14d
x-envoy-upstream-service-time: 0
content-length: 174
x-pinterest-rid: 7374784231753905
pin-unauth: dWlkPVl6QmtNREUzTVRrdFl6VTVPUzAwTlRJd0xXRXhNREV0TUdSa1ptWTRNalU0TlRJeQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

envelope Show response
lexicon.33across.com/v1/
Redirect Chain

https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0
https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0&b=1&g=mBEI5wi%2B8o0CoqIAdmO5n5%2BAvUSk%2BTrkDNA6Nve9HYU%3D

42 B
138 B

64ms
63ms

XHR
application/json

35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0&b=1&g=mBEI5wi%2B8o0CoqIAdmO5n5%2BAvUSk%2BTrkDNA6Nve9HYU%3D
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Mon, 22 Jan 2024 08:39:19 GMT
via: 1.1 google
referrer-policy: unsafe-url
vary: origin
access-control-allow-origin: https://cffr01.ourmd.store
location: https://lexicon.33across.com/v1/envelope?pid=0015a00003LjauXAAR&src=aps&ver=1.3.0&b=1&g=mBEI5wi%2B8o0CoqIAdmO5n5%2BAvUSk%2BTrkDNA6Nve9HYU%3D
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame B064 29 KB
10 KB 282ms
280ms Document
text/html 23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C175%2C178%2C201%2C246%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

8a1f1b8d5513bf7c9d379d39a83af10d25a6e238042ad26149ff91e3cd563994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=93600
cache-control: max-age=172800
content-encoding: gzip
content-length: 10184
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 08:39:20 GMT
expires: Wed, 24 Jan 2024 08:39:20 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 24 KB
5 KB 59ms
58ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=51576464257116621705912759819&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*23%7C728x90%7C1037255%7C19266769%7C%7C%7C1%40867238351*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40867238351*54%7C728x90%7C8CU66J63J%7C867238351%7C%7C%7C1%40867238351*79%7C728x90%7C156459%7C2918487_215505%7C%7C%7C1%40867238351*96%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C1%40867238351*107%7C728x90%7C562650%7C733019%7C%7C%7C1%40867238351*229%7C728x90%7C8CU734595%7C182703547%7C%7C%7C1%40867238351*441%7C728x90%7C934769%7C867238351_934769%7C0.05%7C%7C1%40867238351*4%7C728x90%7C8CU12LGKP%7C437029077%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.6510467080641062&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2243063638469397471705912759816%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%5D&pinfo=%7B%2223%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%2C%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

1a61a60b7c572a7a5aadab60d6ea44ec4af4004d84df376f433a53f1218aeb36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rtbsspub
xch.media.net/AdExchange/ 8 KB
2 KB 51ms
50ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=25020830138925301705912759828&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*29%7C728x90%7C16268%7C119514_564734_2%7C%7C%7C1%40867238351*54%7C728x90%7C8CU66J63J%7C867238351%7C%7C%7C1%40867238351*79%7C728x90%7C156459%7C2918487_215505%7C%7C%7C1%40867238351*96%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C1%40867238351*107%7C728x90%7C562650%7C733019%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.21052921424090587&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2245712650323169421705912759824%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%5D&pinfo=%7B%2229%22%3A%7B%22dsh%22%3A0%2C%22psh%22%3A0%2C%22csh%22%3A100%7D%7D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

d346c58e95f0eafe964b26dc50d64749abfce1dd10ac253bcb7b0057be2c4b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
278 B 509ms
143ms Fetch
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

d15734dedd852d2fb2a6f16775cb9f3d605e4e861aeedcbc54723069e8713553

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: https://cffr01.ourmd.store
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1705912760158&se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&pu=https%3A%2F%2Fcffr01.ourmd.store%2F
https://rp4.liadm.com/j?se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&dtstmp=1705912760158&pu=https%3A%2F%2Fcffr01.ourmd.store%2F&i6=MjAwMTo1NTA6MWQwNToxOjoz

13 B
319 B

209ms
61ms

XHR
application/json

52.0.230.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rp4.liadm.com/j?se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&dtstmp=1705912760158&pu=https%3A%2F%2Fcffr01.ourmd.store%2F&i6=MjAwMTo1NTA6MWQwNToxOjoz
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Server: 52.0.230.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-230-246.compute-1.amazonaws.com
Software: /
Resource Hash: efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
x-pixel-event-id: 3369fdb6-f4d4-4fd0-b945-65d9c5dbd64c
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: null
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 13

Redirect headers

location: https://rp4.liadm.com/j?se=e30&duid=7e8739374fad--01hmr55x4ymw3dma3q8mdqxqfz&dtstmp=1705912760158&pu=https%3A%2F%2Fcffr01.ourmd.store%2F&i6=MjAwMTo1NTA6MWQwNToxOjoz
access-control-allow-origin: https://cffr01.ourmd.store
date: Mon, 22 Jan 2024 08:39:20 GMT
access-control-expose-headers: *
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
845 B 269ms
269ms Ping
text/plain 23.48.224.108
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.108 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-108.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 80f3913.21bb08c8
date: Mon, 22 Jan 2024 08:39:20 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401220839200307D482EA60971B2F76-18C2F0759CDF83DA-00
x-cache: TCP_MISS from a23-195-36-76.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 197,23.195.36.76
server-timing: cdn-cache; desc=MISS, edge; dur=11, origin; dur=191, inner; dur=188
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401220839200307D482EA60971B2F76
x-cache-remote: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 191,23.48.200.133
x-tt-trace-host: 012abdb6ded152821aa6b54fd2c6c3aa87c89e34dd8570041d1f8f0660aab6e7f692c07f7e548ed186023035a1cc056701b027a59d3b4f1e682bb642717facd413ec942ada66b9ef9b86030d4e79818c4a6f4ad1d0686639c11d7d710da6da9a84cd754ccfc7e7362da0a3b0e64d6b33c1
access-control-allow-headers: Authorization,*
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
455 B 76ms
74ms Image
image/gif 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2618142259440&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcffr01.ourmd.store%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705912760282

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6a24c317.1705912760.6676f151
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 5949916392224354
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 /
vtrk.doubleverify.com/ 0
202 B 167ms
39ms Ping
text/plain 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=request-timeout&v=1&ctx=17778638&cmp=DV587414&cid=a2bc46f6-5794-4799-810b-2a8860272b04&z=212571185029&cd105=mode&cd160=f0c80863-b6df-4647-9de2-b32a95522e8c&cd161=https%3A%2F%2Fcffr01.ourmd.store&cd50=upt&cd51=3365ab9&cd180=network&cd52=loadSignals&cm56=1&cm57=1&cm58=1&cm59=1&cm60=1&cm187=141&cm180=141&cm181=0&cm182=0&cm183=0&cm184=87&cm185=2&cm186=1124
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84967c6188d92888-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 204 /
vtrk.doubleverify.com/ 0
36 B 168ms
41ms Ping
text/plain 2606:4700:4400::6812:2aef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vtrk.doubleverify.com/?t=event&ec=page&ea=request-timeout&v=1&ctx=17778638&cmp=DV587414&cid=a2bc46f6-5794-4799-810b-2a8860272b04&z=146497156705&cd105=mode&cd160=58605924-8412-47ee-85fc-39acaa987f6f&cd161=https%3A%2F%2Fcffr01.ourmd.store&cd50=upt&cd51=3365ab9&cd180=network&cd52=loadSignals&cm56=1&cm57=1&cm58=1&cm59=1&cm60=1&cm187=141&cm180=141&cm181=0&cm182=0&cm183=0&cm184=87&cm185=2&cm186=1124
Requested by: Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2aef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 84967c6188d72888-MIA
alt-svc: h3=":443"; ma=86400

POST
H2 204 event.png
pub.doubleverify.com/dvtag/metrics/ 0
58 B 49ms
45ms Ping
text/plain 2606:4700::6812:a7e0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pub.doubleverify.com/dvtag/metrics/event.png?b11=legacy-success&d6=0&d7=1231&b2=3365ab9&b3=&b7=a2bc46f6-5794-4799-810b-2a8860272b04&b8=&b5=17778638&b6=DV587414&b4=cffr01.ourmd.store&b1=ad-request&d1=1&d2=1

Requested by

Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a7e0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-ray: 84967c60caff8dd0-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 log
c21lg-d.media.net/ 35 B
164 B 183ms
159ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&tElp=1132&flt=0&origin=1&pvgid=data-co&ovsid=a54eb6ea-904d-4360-9850-44e76cc79e10&cs=15&vsid=
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-48-23.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 22 Jan 2024 08:39:20 GMT
content-length: 35
content-type: image/gif

GET
H2 200 log
hblg.media.net/ 35 B
191 B 131ms
110ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=dmmap&sc_pvid=4&ogcbdp=0.4800&pbshr=100.0000&rvshhon=&bdp=0.4800&iwb=&bidfp=0.0000&dfpbd=0.4800&cut=0&prdp=0.4800&algo=mrg-2.0&infl=&capd=0&strg=no_strategy&dmm_m22=0.5900&exp=&akey=&tcyerpm=&har_prc=&server=1&second_bidder=*&second_bid=0.000000&bdp_bucket=0.40&bdp_wider_bucket=1&dfp_bucket=0.4&floor_bucket=0.00&erpm_bucket=0.60&erpm_mult=&current_hour=8&current_day=1.0&cut_cluster=&optimal_cut=&itype=hb&app_type=prod&dim1=&dim3=&dim4=&dim7=&local_wr=&local_wr_url=&local_wr_dn=&local_wr_urls=&auction_bid=&level_base=&dmm_m1=2024-01-22%2008:39:19.797198530&dmm_m2=&dmm_m3=&dmm_m4=&dmm_m5=&dmm_m6=&dmm_m7=&dmm_m10=&ad_position=&search_res=&as_error=&dim5=&dim6=&log_less=true&dim8=&dim9=&dim10=false&as_cache=&mul_ratio=&ogerpm_wd_bkt=0-1&pvid_seat=4_BID_API&predicted_wr=&cut_bkt=20&rel_cut_bkt=20&bdr_typ=1&brm=2&dmm_m8=&dmm_m9=&min_wr=&url_l1=&url_l2=&refdn=&kwrf=&bd_d1=&bd_d2=&bd_d3=&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&hb_acid=137345871861394401705912759500&dmm_m11=&dmm_m12=&dmm_m13=&dmm_m14=&dmm_m15=&dmm_m16=&dmm_m17=&dmm_m18=&dmm_m19=&dmm_m20=&dmm_m21=&dim11=&dim12=&dim13=&dim14=&dim15=&dim16=&dim17=&dim18=&dim19=&dim20=&dim21=&sb_flr=&deal_id=&ecp_p05=&ecp_p10=&ecp_p15=&ecp_p20=&ecp_p25=&ecp_p30=&ecp_p35=&ecp_p40=&ecp_p45=&ecp_p50=&ecp_p55=&ecp_p60=&ecp_p65=&ecp_p70=&ecp_p75=&ecp_p80=&ecp_p85=&ecp_p90=&ecp_p95=&ecp_p99=&ecp_avg=&ecp_ver=&ecp_status=&ecp_rtime=&ecp_used=&asn=&ecpx_dm=&ecpx_sc=&ecpx_err=&ecpx_state=&ecpx_anp_rat=&ecpx_wr_rat=&cid=8CU66J63J&size=728x90&cc=US&br_id=265&o_id=101&seat_id=BID_API&clisp=mowx-67dbbc9f6c-hdcz2&cliIP=0&cliIPV6=&sc=FL&ct=MIAMI&ugd=4&vsid=3489143581523551&requrl=cffr01.ourmd.store/&requrl2=&dn=cffr01.ourmd.store&acid=233237927930398_27128424_867238351&model_key=&model_version=&dc=east_sc&sat=&other_bids=0.48&other_prv=4&crid=867238351&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.224%20Safari/537.36&br_ver=120.0.6099.224&ugd_ver=&o_ver=NT%2010.0&seg=&f_seg=&ogerpm=0.5900&ogerpm_used=&rawbid=0.0000&sub_bidder=196&pt=1728&viewability=0.0000&visibility=&stid=&ckfl=true&mnckfl=true&sd=0&adblk=&splid=&dmm_d10=0.0000&dmm_d36=&dmm_d22=&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&dmm_ctr=0.0000&e_rpm=0.0000&advurl=&pvag_id=&ss=1600x1200&ss_d1=1600&ss_d2=1200&send_erpm=&adtyp=&lper=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 log
hblg.media.net/ 35 B
191 B 101ms
86ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=dmmap&sc_pvid=4&ogcbdp=0.3100&pbshr=100.0000&rvshhon=&bdp=0.3100&iwb=&bidfp=0.0000&dfpbd=0.3100&cut=0&prdp=0.3100&algo=mrg-2.0&infl=&capd=0&strg=no_strategy&dmm_m22=0.3900&exp=&akey=&tcyerpm=&har_prc=&server=1&second_bidder=*&second_bid=0.000000&bdp_bucket=0.30&bdp_wider_bucket=1&dfp_bucket=0.3&floor_bucket=0.00&erpm_bucket=0.40&erpm_mult=&current_hour=8&current_day=1.0&cut_cluster=&optimal_cut=&itype=hb&app_type=prod&dim1=&dim3=&dim4=&dim7=&local_wr=&local_wr_url=&local_wr_dn=&local_wr_urls=&auction_bid=&level_base=&dmm_m1=2024-01-22%2008:39:20.201001624&dmm_m2=&dmm_m3=&dmm_m4=&dmm_m5=&dmm_m6=&dmm_m7=&dmm_m10=&ad_position=&search_res=&as_error=&dim5=&dim6=&log_less=true&dim8=&dim9=&dim10=false&as_cache=&mul_ratio=&ogerpm_wd_bkt=0-1&pvid_seat=4_BID_API&predicted_wr=&cut_bkt=20&rel_cut_bkt=20&bdr_typ=1&brm=2&dmm_m8=&dmm_m9=&min_wr=&url_l1=&url_l2=&refdn=&kwrf=&bd_d1=&bd_d2=&bd_d3=&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&hb_acid=276328306118061341705912759817&dmm_m11=&dmm_m12=&dmm_m13=&dmm_m14=&dmm_m15=&dmm_m16=&dmm_m17=&dmm_m18=&dmm_m19=&dmm_m20=&dmm_m21=&dim11=&dim12=&dim13=&dim14=&dim15=&dim16=&dim17=&dim18=&dim19=&dim20=&dim21=&sb_flr=&deal_id=&ecp_p05=&ecp_p10=&ecp_p15=&ecp_p20=&ecp_p25=&ecp_p30=&ecp_p35=&ecp_p40=&ecp_p45=&ecp_p50=&ecp_p55=&ecp_p60=&ecp_p65=&ecp_p70=&ecp_p75=&ecp_p80=&ecp_p85=&ecp_p90=&ecp_p95=&ecp_p99=&ecp_avg=&ecp_ver=&ecp_status=&ecp_rtime=&ecp_used=&asn=&ecpx_dm=&ecpx_sc=&ecpx_err=&ecpx_state=&ecpx_anp_rat=&ecpx_wr_rat=&cid=8CU66J63J&size=728x90&cc=US&br_id=265&o_id=101&seat_id=BID_API&clisp=mowx-67dbbc9f6c-g7k76&cliIP=0&cliIPV6=&sc=FL&ct=MIAMI&ugd=4&vsid=3489143581523551&requrl=cffr01.ourmd.store/&requrl2=&dn=cffr01.ourmd.store&acid=242661064606405_1156758390_867238351&model_key=&model_version=&dc=east_sc&sat=&other_bids=0.31&other_prv=4&crid=867238351&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/120.0.6099.224%20Safari/537.36&br_ver=120.0.6099.224&ugd_ver=&o_ver=NT%2010.0&seg=&f_seg=&ogerpm=0.3900&ogerpm_used=&rawbid=0.0000&sub_bidder=196&pt=1728&viewability=0.0000&visibility=&stid=hp-instream-ad-2&ckfl=true&mnckfl=true&sd=0&adblk=&splid=&dmm_d10=0.0000&dmm_d36=&dmm_d22=&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&dmm_ctr=0.0000&e_rpm=0.0000&advurl=&pvag_id=&ss=1600x1200&ss_d1=1600&ss_d2=1200&send_erpm=&adtyp=&lper=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 08:39:20 GMT

POST
H2 200 c
www.webmd.com/static/v/ 7 B
522 B 156ms
84ms Ping
application/json 104.18.34.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.webmd.com/static/v/c?wcbType=webmd-data-collection&event=dc-metrics-plugin-init&wcbMeasure=1052&site=core&testid=&pagenumber=1&busref=Nav%20-%20Home%20Page&tug=&aid=091e9c5e823d0cb2&pagename=www.webmd.com/default.htm&ua=desktop&env=live
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.34.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4dd71068f0c235ffd437899972db02843873e9bb0d94b26cd25c490a9e1e27

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-served-by-system: Platform-Nginx-Caching
x-datacenter: MA1
x-location: static-v-c
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLg7x1gJxtk4OXW7vSKTofwxDbOCY3SArQpUJ2HoegEtf64Lvsy6Q7gIIdcXYrgiOsM%2FsFnLYjrjL9l%2Foae61jDl5Is4ny3rjkMGWJTv0Q0ifuZY%2FHdc9VEde7DZyCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-robots-tag: noindex
cf-ray: 84967c627c59221e-MIA
content-length: 27

GET
H2 200 RC7914a60aa3114be4ae1d6e357185d90f-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 5 KB
2 KB 73ms
72ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RC7914a60aa3114be4ae1d6e357185d90f-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dd5a2744de80e952517ac789206c30e237f05fbc466748dde937677fec5f2ff6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 1725
expires: Mon, 22 Jan 2024 09:39:20 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 10 KB
2 KB 55ms
53ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=62353407579607161705912760487&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=356136642*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1%40388736527*126%7C160x600%7C8CU66J63J%7C_113610%7C%7C%7C1%40638432657*126%7C300x50~300x250~320x50%7C8CU66J63J%7C_113610~_113610~_113610%7C%7C%7C1%40656615527*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.2794749079495167&tscode=1&crid=356136642%2C388736527%2C638432657%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2235448771673362901705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2247780706923713421705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2244210259119065401705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2250511821811741811705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2218131492361503101705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284704946519523801705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2251074294391383041705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-1%22%2C%22xps%22%3A800%2C%22yps%22%3A770.546875%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

2a7908511747e5801bee67de97eb3147493aa3d53b430c4f7bd53736e57d2a63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:19 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 10 KB
2 KB 57ms
55ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=37069342865417431705912760491&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=356136642*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1%40388736527*126%7C160x600%7C8CU66J63J%7C_113610%7C%7C%7C1%40638432657*126%7C300x50~300x250~320x50%7C8CU66J63J%7C_113610~_113610~_113610%7C%7C%7C1%40656615527*126%7C300x600~300x250%7C8CU66J63J%7C_113610~_113610%7C%7C%7C1%40867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.22443010751274572&tscode=1&crid=356136642%2C388736527%2C638432657%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2296384948539724481705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2215818644248967541705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2234494261319287381705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2258696522548429781705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2259468938561200001705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2296714336225598401705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2219206032018205761705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

3b77921a44f8d723e9f2c96b1375492500839c904069a028e04a8c0097867b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 3 KB
1 KB 52ms
51ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=56615789289227591705912760493&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.37582164703244025&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2243063638469397471705912759816%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

fcc57bc3604a9ea785154fd7b7cfb4189b944e641b8af6da156be581c087bae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 2 KB
1 KB 58ms
57ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=52223684203102251705912760495&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*126%7C728x90%7C8CU66J63J%7C_113610%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.5108659988756084&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2245712650323169421705912759824%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

241534352c54a2bb123818c79ef1b669934098db3e0e48bc8484dfc85a1a6e5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05F2 0
0 99ms
98ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOJSSmkZaBpL-57Vc5QufY4bxyt_MUbMNtEfuhryrsPi7Ohg_pej8jmGzmKBtKFZLT2v6yd-eIxdzDbr4IpylEBNYJWIu_9-xAecfgcx4tXd-e90POXWWqFk8Hk4yZCfI3R8ru4I-TYI4tw0ONWRsWP6IZKTylBio_eBJMxu73GtKyqFBX628bxTpyG850kdqUuUdWE3qGJu8h8oxo83ZNAaVhytL1kuguLchM4JsD6OiFW0N-jLQ6IIKyx0v0oLDfGBjppKVZE2E_g5yLfOKBNSYAUujumDetggIsXPxW9z1TDCwbL7-UqbrYymfKMcl5G7Ospdkj4iZHPr5t8I6GRUJcQkBxafGSCvXpygFC&sai=AMfl-YSnZY0siAXv0uPQkYme9y60CsZO_1oETA1nBDhunZ8eQoOneS_045LkfgYP8EHByPaADPf7rVvMSPN4Y-I0HHz0qgZmkpykGWax9q94cB9PE_WkpDViAz-YXZMLaPun1_nmVbPY-bO5WDx9Y9iunCw&sig=Cg0ArKJSzPz8Qh8hPQUuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 05F2 206 KB
65 KB 248ms
103ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2010 0
0 100ms
99ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrcoc0CzI8Z_iwuf5yZLQqIjSjLHZ6G9fZon9VvM9ddD0ywUFbSIiNPTZa0l6np6rTvqL8Pc4AfHME8LCQJ9eFzWzQPOJBBlMWEYEUOz-8vQMfghKmdmfvg70L6xLf6JvsmH9S9mrYj24frqPthxr79-yRgMO5r2Iml0tLTT-k_yJEpv_zpe44y3sADDOhjEYuPyV2lFcpZn3VFQbNCLOBf5voaE5He5-XyTJqdxJLBBoRH_Amk4eeTr9YeFrnmNbq-uQFgzmt-8Zuok49VQEqxsSNOhKr-Ldq2XqKOr-e2kiocoLXm7nmEqiKCCsbf3-IXFGKWIRCH-QCdczgilfFNOYtpXvyo-UN4e4rQjUm&sai=AMfl-YT-hrQj0VjK1-kOBz23HPF8Ysnqa9aPypYSrsnf9qfnu4ID_6mBfAiVDX_QcueZYSRG5gPqiLJx4zhro16NFVW59MV_-LxwOvKB_caahtazsq2dZLzOLI8S7TsD3OyPTc6gn2_pzGx9VQ7x04Jiw8o&sig=Cg0ArKJSzLdPVSWeRoT-EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2010 206 KB
65 KB 345ms
220ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6FE2 42 B
474 B 263ms
100ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsXqOJbfNUwBcQy-K-2vBvHIxw3PGTkPeTRCNkDxsTW1Yt92QH1xjRPJ7iWDTyvBKmfKhWhu6ISippZ00AEkGwr2rvGwz1tPshMTk2w5oTQrw6G_NfkqOQZwz6GOMSDOJQWvJwCL23rZj9IQLsX4OhzDHrBm_HsVSruaTlW3pkzZW26w8&cry=1&dbm_d=AKAmf-CLIIIifJQvsMo_9_gV_3BMW7wgomIWFHryVBIejX75sdGo3E8RwGg6rvShE9KGqp5cw55UO0-sYZhG1x6MPV6AR8r2grTVxMJJWqEClBmEXn7FuhuWdmV3fhNAAyI9o2lqMYHGnZd42lSuylABseX7vjZosVTFImWxtiUVb-ZgbmyraLFGbABBJZe12Up_HI_FRQukgxbpaL-p4ecfLTwM6tJIaLhs-8obbVzvr5X4yPTx0_217vzDX9AdB-VaZjr9RSTh7kbSQaWngneIjXjQb8OmHNEgkNSFk6YU_7-J5DAsdJWK_EKE_UP1kFrEjp6PC6h0u4DgCi_1ao2V4IgCDWt_gK9ehYpPLLuVuXx9cgW3EkgPRm-zoA-zEhUAotpamm3jzMS5FGJxF2At8KpMwZ805tPpt1oMVGbfqxRB8qvm4GeIgpOxbNbb68apoqdNApJKKDNcmg_9qVhupRieDte_QKhK_0ren3TEtObSeQaq7M9q6MVPthcFoqYdAj14FndHB9XcCzGpBNljq7S-jcTY7Bbutia9TWWYk2D7ouNtbg_MCN6mCrMuU5oe2guRLJrzu2A1_1DuUU09av-Atus8tXWzW_0sMUUh3FniF2lppgzmewCWbCU6hbzqFivN3pFpAmUUzkswUguQPc0A4wigwg5cWh_Xq1dpqFeEd7j0yPof8ZU1L7s2t5qElWrYkazPQq_5crf4DJnq-wqCQohU4d_Hu2UIZ3M5wm2ENW91ynuJphtMkJ3-mo66oCV1Vj2FEvxpbFTQtFgjhXii_LA9mc-IVGomiti72mhBcL76IOmZbdFSsTuhrOXg7TQ1cILNLNVIEPIfILyIXI9opClN7kPHvC6WBUY1cPBoqxlNfanXZFWGpjjR04crnTGCA1HM-Ncz9iQ92zS7_WzYU3C0K8amXrOcTsQd9xTzQbRfUL4Nd7cnGCnU3B7GWaWlLz0lrYqfPNHv9xqgaKDzkL2yQaPzOnAregYDGqVe47v3ojnB1weEy-ijkzJPWjV6t-pcJQnCXzp0xw2wAIk8GmAck2MGcT20hztPxGGTH4ROQKXvfvgc4V5A7SFk2w4IkwEHpi3zaXfY8-iV5SA1YAYJb6ZGrYbrib0kIyeObVy4bS1HSVlf85CbXpHfDrpI0f7lGapcmkDLxEPnpdM9XPRUodWXAYxIyUYCK154IZwj2iOtjkQ12f8WWbLwF7nGJ_IyUIdYJ39a7MWBJVpIgFeA7rDbJx157b7IQh7EA9fOLSf23yp3a5ZULB9U4Nh98cB8h4_JRvpipI80d7p5bXgjpuCcK6gcqyT_Mqy7G5WvO3WXcM2rqyBSBmaKKK6GZVaCt60fRYorMCUtSyPbLEHElWw70pv46NPQKNVFJCY7E16Cin0zzSZ2pCr8HcRmflsvB060M-CSMJCylFSarUonnLYtyHdkqS3OnlkKYiKxu_S_UdMm_uyxQNKeDOH25W3u5svNPmC9vIB9B6Ly7wz-NOIN6PlGiyNoXXFwxjU377une0mKTmkoEuiObdDTVDNTdWIzIejdevY8d0HHnwgYohwqMF24hmOexpSIoUGX0fTMm7Q-pgpdyy0oE6rFoumFR_p14dMU1bwWUvxwvTOkJRBDUPLg7B4OEj5yoEHLKi-wXHf-sWHJfn-v9e4IZei-Pgl_DbyHNNxPvZii6QmmI2VrxgGzbG0ITRtXqgZoO12DC_PULKeJWgZgxTLgqjtLWA9u8psxF6CVubdah9VLtvFmFJQSRGFyhvvSKyfgPEeb6FASGzHZJVmW5WPJhu0cjSXONeZgV2yu_WKYt1ibaqyFyeJm1JPw3tLd_pbPz9xHnUQ7s1p1cZreooUrClW-KOTepVRJGSoSDYxwQNBtkA_W-79m24c_YO67XWBZU-x2C8HAUmDQlea4RSRnBbAET0G7HM-x7-vQtMGx8xI8o3biKKwEFnzesAUwpJEgCI_QX6P8eeqn8F-LsP9GHkk4QODm5t8A35z8xqlAGhDqXje9PK89HQ9TA1PPLpaTPnz0lBbdFAl-BwCG5z7gJtODrkmhsmVeAk3YioskqynLQez2pJ5_VLsUfyrqoKA7i3ty5xNJllyDO8yOMl9llF0oWzEY6f0auBVx6Wn8aOGKo6bZZiEX52XChBcKZk97biRSo4Y-A0SESNnLzf9_RCKLHnHyShsWixQb4INLjDWQwO-TvsO2UQAct-BQN1imaAhSY5uTwFJjphPJQWrOidbxw8Spt3Ea925dFvuxd5g1kqTMq0yWBjLaj7u9d3TndFG4A1BMYBPWRSrx_xxcb6y4tVysgZmnb4OaULL7Cwr3eUAUwak3jQqnCqaqlV9K4egf2IY-b_m2kV6Vd2_JO24DaSsoTcUsmigJEoQfn1AnCzoPfs7Nb8N6YuQh8qHEryAOsMwKj2tk3xkDudH67qnL0XLJo56G4mijxwPJyk7xlpR8FgOSfrUII-lhfpPxvNP-9XiY3mN73_vLuYbKh564WQVsmCQspY8lVs5Hot0bxgfBhNuepjA-mllvwcne0xkThpYJSczDwdHbXIwUNllxUBJbr-GpGTIuXzCCoH-FM_N302LXWkmN8lh0jAq5F_3NgZYJfWnHm4IVGg5UgQL3qITqwJGW9cacljt9k1HMkP1-v6SfPXdXtKACxC4GIhN-FRPclW88xOYoiSqgcnEBh2yZ2p5OpLUcwj2DqDOCjXo37cehGWwOs1ZlsfNXzk0dux16Kx-QdNmCQDZb9qyi8ZFz5QXw3gDkakKqDdecz7OwZubzNZKSk_HYz3OzAxMHKErVUWiQzxAbdwq_Zr_fopj-G0pyG1OpXkejn4zDUzwCKrG4sRZ4hUPUI8sMGTzqyI1C91eAscoGhV77eWSni4MoLHb8uxREoaxomHPFi1d3acKCjLQqvq-BJMsCxJmVH-t9vVtxgGswAnC7si9tryEwJ5AtUfUBHdgH6ycxVx7ZhZi1qf_7y-14OZnB-XoVhl8VxxmXna5VsZEnr-V5fc4FkcvDS_OOkdebMZ6lmh0gWYgCI8NgUDpRBiF7MinTGI5TL9wwhOqx1mf-TYZXLkGKFTGUE5c6lKRrzZYevZ3HAN6CbX1KKZVpZee96U7i_e3kLtXpsAtmbAJ-JOxC_cD0-70sfMN21ZwKeR54G1mcO-5J5sIh0tSlVCet7rmNfP34fZUnNS7_RoZGNBl0SKird4LbxCXFtLXtrWLYcKeEoWETUIn4-46EM9x4hjhEzurgiz-vBy7I5f4lKB77zzhy1oYBTXk4uk9_xO4x-N6B2QwArjgsb-gg2GT-byMLeHTITdAr_B0onTJQYjNkgginGOwpFfeRPAQje7AW7zCoo37PBPeQd9CMXy1S8XCfI92mh_W3a4sgqwt-vEV1REuvhHew0tSZ19qCrNXL8L8gvCVjnoOZwHizUNWcsPzueCYR589nByQ-abbHsn0pqJ-IrpAMVLT5WEJxIn0ubXIASiD6LSdSDtzA74__Q6TkzAoUMapBkJEM64NxRpQdXH0CjXi1gCTvvZL5UWm1Z7sVRf9XoVy34Ul723AmlyBPZFlV34ZEqgirlcJGih5RNn9ZTIINFsDSnDi1MuGH7jqe-YEXg9I9CaCyUx1ZXo0XZjPskMscgyQPasfUj2DMZrj-AvSr7xMdaZ3TgVDHfC8LOStM0ZLPs7EFrqZ6xCgn3Xcgan4bsjhu9BOxtPqKl_EwxLJIP4CBhMe97cb7YEyh3exitmk3f8yYDKBkRlihAAKzUmt-G_OHB9gIulLcz2ZJ3_4tHWbVQhjykK8IvXElqDz1r79CbUq8BCIR9Wt5fVZ7AQo9YPZUty5euHatpCgYOmr5keVQHb2skRlogXAiKEeQ1JkfT04A8IGuhZmYX2F8CedTwmeOCvD5pJbjmr0aCDxkbCQ7ISxi7g94cN-8ab9YkGdm0eiWAW13V1ikBeoAv6qeJOQg0053fTqLcZUElaxq96CrWEkXrNwvF99SOLh5GYOxzPXHAaWZh1mN9Ddr7R1FjObpx13V93KpxRx4Z0Tq771L65IYGCdnst8EPfU9zWFveSWhMFnnFZcNEZZ2ySQtenq2M91cIO6YCHSgRPM3RqhiypIGMKIB5B_DVDQ9_7-cV4ExTTd3-hC5ZCRtsRRXY_C7tYJyngz3VNlK3LSvHn7cIUfGzzmPnDvXlKPlwMV7m3-go_idRPY-rKahJ4Svupwid7-7eBuZDL5EGavsAEZ9ydTKDpLKF5tOmhRTlp5orNtR4byGXtHZ7DwdV6PiTwSlZx20QvWQ8K35z6R2Wxo_ervvA6QwNyWJ8iU_aF4CL6Q5_dMfy9pYAWDRMui8jsSu0h8L-8TIThGRv0M6G4TN0vGT3Hca60hjRTO8ZOBy-d23iyUUltDWYZkBVIcFDOkdq3CEOmlHJu8E-bYfmh6MsJKfL6zf9XNFU29PjyKapWKSirvxtTbz8p-mAZYoemYOsf9V4UkuBzrHHqluZnEM3fsH-lAqYP0b3tLxnM4SZzZzOW0mxv7rd2PWMKNZ-V9hn1vkunx7ZRS3ZrX4NGyN7vCDI_6Wo5CmGt_8UYWa3wV15xP7-INned0A0wQMAOZPym6ZmW1p7jdwMZQJ96ruQMA6fLA51S5B7E-hd42UoalYvzPo6hbVh50ZOAaXKrvkR8R22N1_TGX6cFbtBiphlz2UlDENBKrxYIKy6ldfakbLXMHy14rTwFQk967CX_7XIGX3s-S7r_NKpFq4oRBMEcS2d2fv6rPVygFIqMPmrAmwtMKaFqtbW3ApT99P7l1LOYBnW9OMa5y-9nsCtAqSMQmD1VQyy03Q0t2FdxmNvRdGb9XEg_4&cid=CAQSTgAvHhf_zEeXy0eo7GuHhHcJpa9_s-slt96U8lhgUxqnHUzLHtMq3BeGN__dvpPovUB_QUOKIVVBslgdHNG56QLN70a5BGqKWwzUkO9dLhgB

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6FE2 18 KB
8 KB 177ms
72ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 09:16:58 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6FE2 9 KB
4 KB 267ms
84ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a6c737a8b792a9f3a737c1ae9496c530b2c51832c3f2834aa620a81ab6b6cc36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 12:37:05 GMT
Server: UploadServer
ETag: "ec2fdccf2e6d4b4316526cec99c7677c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Mon, 22 Jan 2024 08:54:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FE2 206 KB
65 KB 311ms
207ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4018 0
0 103ms
98ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0qH89K_UVBDzE4ZEtl19kEZdUHJkvXX_1Q7hDZtIEm4ERR-RBKBLaD4MN1W3fFhCGmGl9FUQpwQhDgvv2NI6jYL9EuTcAFaFbBDk6E3MTaRtAXiZnI3QadAJvgJO1FMXJBeC-hAgWrEzufJ66zdnbF-vI2FO3VSgjLXTBq4a6a_kMtdjoKfMpI_vHGHq53cspMsxQsayfNIyam4I4-h1hzTtENZg5M73n7TsAPKStadf5zfLLVYjv0zTeGEfslYMyoPoAyvqcSYKA9Ppd_u-L-NTX_4IMzJ9SqJRLriO4-hMgFysHV1LDszNQCg_O6hYYItrdtHPZss2SfUQu36AIQhrwnDSPiDvIoDv6eaZrze_HYH9NKmImax7co-qFBaapKQIvjjEFpeMltZ9ci6GB8AEb&sai=AMfl-YR4o-Guurjydm2hRV7ClNrX2CyV2U8btUK_2_cvtP583nBuFyAseAqlCnrCYgC7PTgxYH_71JbWSVA9MA-Fqt1OQBP75Y7EUVhYWHdWpAFwI3zFjhSZtfMq_IosStZKWcjRwKCTGnlSr617bEqzIgg&sig=Cg0ArKJSzFTWoKTOueZVEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4018 18 KB
8 KB 144ms
65ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1342
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 09:16:58 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4018 9 KB
4 KB 237ms
80ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a6c737a8b792a9f3a737c1ae9496c530b2c51832c3f2834aa620a81ab6b6cc36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 12:37:05 GMT
Server: UploadServer
ETag: "ec2fdccf2e6d4b4316526cec99c7677c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Mon, 22 Jan 2024 08:54:21 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4018 206 KB
65 KB 326ms
247ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69c32d8650b1e5f0bcb76d787972b68a1ba327ea5bd8da7ab8ca1a04336735c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66453
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705495733332172"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 196 KB
71 KB 88ms
82ms Script
application/javascript 2607:f8b0:4006:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-875612316&l=gtagDataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZVJC9H4TB&l=gtagDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57dd858b701126cb51ae86fab9a9f3513f4f2646d1213b448a139fd50847fe15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72674
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Jan 2024 08:39:20 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875612316/ 3 KB
2 KB 215ms
97ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875612316/?random=1705912760813&cv=9&fst=1705912760813&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=sname%3Dcore%3Becd%3D0%3Baamid%3D0%3Bart%3D091e9c5e823d0cb2%3Bpg%3D1%3Bcc%3D83%3Benv%3D0%3Bhcent%3D%3Bleaf%3D17008%3Bmic%3D%3Bpt%3D1728%3Bsec%3D%3Bscent%3D%3Btmg%3D%3Btug%3D%3Buri%3D%2Fdefault.htm%3Brd%3D1%3Btex%3Dvuejs%3Bsegm%3D0%3Bbp%3D1%3Blif%3D0%3Bsaf%3D0%3Biaf%3D1%3Bpvid%3D170591275976336023%3Bpimc%3D0%3Bfis%3D1%3Bfipt%3D1728%3Bpch%3D1&frm=0&url=https%3A%2F%2Fcffr01.ourmd.store%2F&tiba=WebMD%20-%20Better%20information.%20Better%20health.&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9bfe771c627e0a0944d076fd07f7135c7e85b43f0296b6cd31efd751345dd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1499
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 litype.php Show response
hbx.media.net/ 102 B
286 B 78ms
77ms Script
text/html 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/litype.php?&cid=8CU66J63J&lid=6478994126&callback=window.advBidxc.autoRefreshResponseParser

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

52200aaecbfb5d096e0f172fa5656d3ef3aae35b7b4a154d803ce8863f7f4f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 08:39:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=10800
content-length: 102
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 11:39:20 GMT

GET
H2 200 litype.php Show response
hbx.media.net/ 102 B
286 B 77ms
74ms Script
text/html 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/litype.php?&cid=8CU66J63J&lid=6494257801&callback=window.advBidxc.autoRefreshResponseParser

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

e525dd06225b8649f0f2124d54af0b7eaab2f06ee203d10740351467e90d2c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 08:39:20 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=10800
content-length: 102
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 11:39:20 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
698 B 76ms
74ms Image
image/gif 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2618142259440&cb=1705912760854&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22aem_eligible_list%22%3A%5B%22st%22%2C%22ct%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fcffr01.ourmd.store%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6a24c317.1705912760.6676f23e
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 8136958638720211
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 17 KB
2 KB 65ms
64ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=74432472391250291705912760586&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*97%7C300x250%7C8CU66J63J%7C170485818_8CU66J63J%7C1.06%7C%7C1%40170485818*3012%7C1x1_TEU8ETI_1%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C3%40356136642*97%7C728x90~970x250~970x90%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C1.06%7C%7C1%40356136642*3012%7C1x1_T9VJI4H_1%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C3%40388736527*97%7C160x600%7C8CU66J63J%7C388736527_8CU66J63J%7C1.06%7C%7C1%40388736527*3012%7C1x1_TU6BMCI_1%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C3%40638432657*97%7C300x50~300x250~320x50%7C8CU66J63J%7C638432657_8CU66J63J~638432657_8CU66J63J~638432657_8CU66J63J%7C1.06%7C%7C1%40656615527*97%7C300x600~300x250~300x251~300x1050%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C1.06%7C%7C1%40656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40867238351*97%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C1.06%7C%7C1%40867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.7327017625328236&tscode=1&crid=170485818%2C356136642%2C388736527%2C638432657%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2235448771673362901705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2247780706923713421705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2244210259119065401705912759491%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2250511821811741811705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2218131492361503101705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2284704946519523801705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2251074294391383041705912759492%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-1%22%2C%22xps%22%3A800%2C%22yps%22%3A770.546875%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

40c9d49d31ef7dd57fb67b24b3c202df3486608bb4e0c12e601bb36cb8de8047

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 7 KB
1 KB 53ms
52ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=24053596875648161705912760590&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=170485818*3012%7C1x1_TEU8ETI_1%7C8CU66J63J%7C170485818_8CU66J63J%7C%7C%7C3%40356136642*3012%7C1x1_T9VJI4H_1%7C8CU66J63J%7C356136642_8CU66J63J~356136642_8CU66J63J~356136642_8CU66J63J%7C%7C%7C3%40388736527*3012%7C1x1_TU6BMCI_1%7C8CU66J63J%7C388736527_8CU66J63J%7C%7C%7C3%40656615527*3012%7C1x1_TNG7O25_1%7C8CU66J63J%7C656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J~656615527_8CU66J63J%7C%7C%7C3%40867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.6849422693266951&tscode=1&crid=170485818%2C356136642%2C388736527%2C656615527%2C867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22170485818%22%3A%7B%22tid%22%3A%2296384948539724481705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22356136642%22%3A%7B%22tid%22%3A%2215818644248967541705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22388736527%22%3A%7B%22tid%22%3A%2234494261319287381705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22638432657%22%3A%7B%22tid%22%3A%2258696522548429781705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22656615527%22%3A%7B%22tid%22%3A%2259468938561200001705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22758214918%22%3A%7B%22tid%22%3A%2296714336225598401705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%2C%22867238351%22%3A%7B%22tid%22%3A%2219206032018205761705912759532%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0&switch=1

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

6602326bce9fe5ed07e0fbde9415fcf49bff5463a631dffce504708493a82f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 4 KB
1 KB 68ms
66ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=51968621005274491705912760592&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*97%7C728x90%7C8CU66J63J%7C867238351_8CU66J63J%7C1.06%7C%7C1%40867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.7692167893182331&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=headerBid&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=250&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2243063638469397471705912759816%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

80e35519d6754c86700dcc842a6ece50f436f2e5ae7475aa27f37967797db595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rtbsspub
xch.media.net/AdExchange/ 2 KB
1 KB 62ms
61ms EventSource
text/event-stream 34.107.136.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://xch.media.net/AdExchange/rtbsspub?&prvReqId=75447316573593731705912760595&gdpr=0&gdprconsent=0&cid=8CU66J63J&itype=HB&ptrid=8PRL4E7N3&sd=1&requestString=867238351*3012%7C1x1_T31K017_1%7C8CU66J63J%7C867238351_8CU66J63J%7C%7C%7C3&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.13015739600073917&tscode=1&crid=867238351&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fcffr01.ourmd.store&https=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&sid=8241&act=cache&cc=US&ct=MIAMI&dma=528&rc=FL&usp_enf=1&usp_status=0&rtusuid=%7B%22126%22%3A%22a54eb6ea-904d-4360-9850-44e76cc79e10~~15%22%7D&tmt=401&ssa=1&prid=8PRVCXX19&coppa=0&pt=1728&pcc=Nav%20-%20Home%20Page&isRefresh=0&taginfo=%7B%22867238351%22%3A%7B%22tid%22%3A%2245712650323169421705912759824%22%2C%22kvs%22%3A%7B%22k1%22%3A%7B%22key%22%3A%22env%22%2C%22value%22%3A%220%22%7D%7D%2C%22supply_tag_id%22%3A%22hp-instream-ad-2%22%2C%22xps%22%3A800%2C%22yps%22%3A3236.984375%7D%7D&eids=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%5D&encryptionVersion=0.0

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.136.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

3247f94c18a5a1f6fa36107225a4ad4e3bd167d9e90587d25754d74fef30ca33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

cksync.php
contextual.media.net/ Frame B064
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=OkSSxC5i_P8quWjc6GI90
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=&gdpr_consent=&gdpr_pd=

57 B
81 B

97ms
96ms

Image
image/gif

23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C175%2C178%2C201%2C246%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1

Protocol

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 08:39:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:21 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=39a41c14-8f23-44b5-8a36-2f578f7a703d&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 22 Jan 2024 08:39:21 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync
cs.media.net/ Frame B064
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzQ4OTE0MzU4MTUyMzU1MTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB_S1bA1TG4DuYoDqg_JDnY&google_cver=1

57 B
449 B

116ms
90ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB_S1bA1TG4DuYoDqg_JDnY&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C175%2C178%2C201%2C246%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-48-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:21 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB_S1bA1TG4DuYoDqg_JDnY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame B064
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=aa507ada-247e-4f3b-9002-263cd678f8a0

57 B
453 B

122ms
97ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=aa507ada-247e-4f3b-9002-263cd678f8a0
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU66J63J&prvid=55%2C77%2C251%2C175%2C178%2C201%2C246%2C147%2C203%2C214%2C237%2C337%2C208&itype=HB&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-48-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:21 GMT

Redirect headers

location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=aa507ada-247e-4f3b-9002-263cd678f8a0
date: Mon, 22 Jan 2024 08:39:21 GMT
server: Kestrel
content-length: 199

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 249ms
68ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428750600651790&ev=PageView&dl=https%3A%2F%2Fcffr01.ourmd.store%2F&rl=&if=false&ts=1705912760905&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4125&fbp=fb.1.1705912760442.258292055&ler=empty&it=1705912759318&coo=false&cdl=&rqm=GET

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 08:39:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 247ms
67ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428750600651790&ev=ViewContent&dl=https%3A%2F%2Fcffr01.ourmd.store%2F&rl=&if=false&ts=1705912760905&cd[content_category]=1728&sw=1600&sh=1200&v=2.9.141&r=stable&ec=1&o=4125&fbp=fb.1.1705912760442.258292055&ler=empty&it=1705912759318&coo=false&cdl=&rqm=GET

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 08:39:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 246ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=428750600651790&ev=Audience&dl=https%3A%2F%2Fcffr01.ourmd.store%2F&rl=&if=false&ts=1705912760906&sw=1600&sh=1200&v=2.9.141&r=stable&ec=2&o=4125&fbp=fb.1.1705912760442.258292055&ler=empty&it=1705912759318&coo=false&cdl=&rqm=GET

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 22 Jan 2024 08:39:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 log
hblg.media.net/ 35 B
191 B 79ms
77ms Image
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/log?logid=kfk&evtid=belog&itype=HB&tElp=1592&adt=desktop&cid=8CU66J63J&ct=MIAMI&cc=US&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=cffr01.ourmd.store&servname=ssp-serving-yin-6b6746475f-5tc4v&svr=268_94_104_ssp&sc=FL&version=4&vh=1200&vw=1600&vsid=&vid=00001705912759430006462152356497&sspAbBucket=CONTROL&lw=1&dapp=green&nob=&bx_dc=mnet_sc&itypeid=1&sd=1&adbd=0&npa=0&gdpr_enf=1&csex=0&gdfstr=&gdpr=0&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&tcf_api=0&tcf_gdpr=&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&id_details=%5B%7B%22source%22%3A%22neustar.biz%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22E1%3AcmJTcjJjxmEt2B4IZeir_13H9Qe8-453CnPj5LafGW0FGiXucedvdEIZis0xKKagYtxWgpLPXgVUbgtbFkFRjHPIJQZKWuxF6rgDeKPQ2D0%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22liveintent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%227NIr7qV80pHfPJk4bGsLgzZ3Ta9eUnjA-zo7AA%22%2C%22atype%22%3A3%7D%5D%7D%2C%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*wahF9HzeUI4vzp_Mm0TrMud0ZjbK35VTPpSYwGHO6Dh-bvsHedCaEBrB4_Ikb2YIfm_am7l06bGXUzysyY7PJg%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%5D&gpp_present=0&gpp_dec_sid%3C%3E=&gpp_sid%3C%3E=&uspca_status=-----------&uspco_status=-----------&uspct_status=-----------&uspnat_status=-----------&usput_status=-----------&uspva_status=-----------&abte=SSP_CLIENT&rtype=&lbr=1&mnkv=&pabte=vuejs&pc=1728&ccat=Nav%20-%20Home%20Page&floc_id=&floc_ver=&gfundl=500&gtd=1&inid=&ngfundl=500&rdl=300&r_tim%3C%3E=&pubdpa=&name=TEMPLATE_UNAVAILABLE_IN_FRAMEWORK_FOR_170485818_FOR_300x250&stack=NONE&lvl=3&crid=170485818&pvid=&dfpDiv=&liid=&dfpBd=&acid=&rctr=&sz=&t_cntdwn=&t_ciel=&ebuid=&lper=1&requrl=https%3A%2F%2Fcffr01.ourmd.store%2F&kwrf=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Mon, 22 Jan 2024 08:39:20 GMT

POST
H2 200 v3 Show response
id5-sync.com/gm/ 735 B
1 KB 143ms
143ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

645ba4f10cd9566fe0262b68f4cbd5dccf8ad7d6364f8d973f6c475a7dfe303a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://cffr01.ourmd.store
date: Mon, 22 Jan 2024 08:39:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 RCabf38bd952e342708233f6541ccbce82-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 640 B
603 B 76ms
75ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RCabf38bd952e342708233f6541ccbce82-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 15ea03844469715aa14b55332b7d47bccc4504907199f0f36bdc428b63b7a041

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 345
expires: Mon, 22 Jan 2024 09:39:21 GMT

POST
H2 200 interact Show response
ssl.o.webmd.com/ee/v1/ 12 KB
2 KB 265ms
111ms Fetch
application/json 63.140.38.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.o.webmd.com/ee/v1/interact?configId=24908b7e-fabd-41ed-af5a-cc9b0d16aa1d&requestId=3c9e33b1-a5e6-4ac5-b3ff-91cf771af389

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.219 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-219.data.adobedc.net

Software

jag /

Resource Hash

e3a7e86ac42a453e465fab5c1c42c812e9c79cc9fbbd57b4ba805e4fbe5d77e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Mon, 22 Jan 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://cffr01.ourmd.store
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
x-adobe-edge: VA6;7
access-control-allow-credentials: true
x-konductor: N/A
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-request-id: 3c9e33b1-a5e6-4ac5-b3ff-91cf771af389

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/875612316/ 2 KB
1 KB 84ms
81ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875612316/?random=1705912761083&cv=11&fst=1705912761083&bg=ffffff&guid=ON&async=1&gtm=45be41h0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcffr01.ourmd.store%2F&hn=www.googleadservices.com&frm=0&tiba=WebMD%20-%20Better%20information.%20Better%20health.&auid=309983042.1705912761&uamb=0&uaw=0&data=event%3Dpage_view%3Bpt%3D1728&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-875612316&l=gtagDataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f501871fd2ea1d7d0c96cfdd67fbe822816ff132eadacc4aa0ed261934f1b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1273
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 4018 59 KB
23 KB 83ms
77ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:18:23 GMT

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 6FE2 59 KB
23 KB 93ms
89ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 242458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:18:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 05F2 0
0 102ms
99ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstScdDFuL8n3nXVmpsr8_8-ZlLRUtUcPwYQ5IlkGoPlCBKo2VA8Pd5mn3qerivq-HWKt5hi9izWVqDF_I7H8tH12udLfHgKTQwGF6vmRQui39mauT1l0Hqj6CmQWN8GQeOO9DYEJ_umEpoMsd-5KimbgEvovzMGWoGVJf5DYZ57mRsLQRJc5g95DKMj_pwcRlBrdRj2erH6t-BZw8jlyiTiebG9RZ1f46ITV38j8nLdDvlJUNcLGDC7Vib-b7LmaV1U4yHo_Eg4LnUO-lCOj0oCDbMYI4cOEH0O0bmoHJ5RM1I7xWyLJUaJEMwNidNXhplI-QQHYnztqWvryHR3E-mFwL6twzg4dyyeyv61JknDma0&sai=AMfl-YRdlo3HRQQe_ojfgfqRaMrwjMVg8xzS1N2O0HR8RAlFa5lufEwGvKMwm5B8wGyxJdtdMbP7viwME0GvhOyH-x97SJ9UISKSk_5a_RqIauv0DWzua8QaS3_Rns0x2MBt8GWdPHDmhk3m3rgcwueFz1g&sig=Cg0ArKJSzBWSRuXpQkqNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:21 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/875612316/ 42 B
108 B 229ms
83ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875612316/?random=1705912760813&cv=9&fst=1705910400000&num=1&guid=ON&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=-600&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=sname%3Dcore%3Becd%3D0%3Baamid%3D0%3Bart%3D091e9c5e823d0cb2%3Bpg%3D1%3Bcc%3D83%3Benv%3D0%3Bhcent%3D%3Bleaf%3D17008%3Bmic%3D%3Bpt%3D1728%3Bsec%3D%3Bscent%3D%3Btmg%3D%3Btug%3D%3Buri%3D%2Fdefault.htm%3Brd%3D1%3Btex%3Dvuejs%3Bsegm%3D0%3Bbp%3D1%3Blif%3D0%3Bsaf%3D0%3Biaf%3D1%3Bpvid%3D170591275976336023%3Bpimc%3D0%3Bfis%3D1%3Bfipt%3D1728%3Bpch%3D1&frm=0&url=https%3A%2F%2Fcffr01.ourmd.store%2F&tiba=WebMD%20-%20Better%20information.%20Better%20health.&async=1&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_OEBUZlhkFn7HIXTHBU1rY5TaU6gaMGgd8PeHalomfzr-n9Z1&random=3425162423&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2010 0
0 102ms
101ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzJROQU883hpDic-P5hw7gV2AG0MBaISYsUb3TrWBAQhaCSYM0jEHGF6MphKM1CmKQZRK6r82fXTi3ZO7K51EYQ_y42xpeglWxqwtx_dhoKk3wjxAgKo-K9VJv7kCzi32TSPuW50kQSecNOH_Lx4NiIS4vFSydHS277jSVENbwsdtX9jNmEte5bteBT5XzFx9ttJOJ6nES9-UpI9kwcrRjnbECqyWvahZ8W_OrSHoWCuhKHDt4D8O12-Vifucp1bfLNyfzxTPU_eh9IVAZ215g8wUtpPtvzjRiu4iQ1h0FAF3C0AR_GmJJZ9m_szGbvo2Otcs5tBiCVfcqGICnq-7fYPWOZtXm2D5YZ1jJRs3cUJs&sai=AMfl-YSatFZCEneSNDI1nXwMvKQyZekiKR6yor-o_JkxNFdyYbry09AawiUGAxgRetP-kQzov1IaUuYUUlF-Ii-PEkCFcyO2hV9yX-OS5yNxPrLHeIhitZZ5_CVMK184JctrFfaV9VEI7n6E9ER4MQFX-yI&sig=Cg0ArKJSzODbwFzXre9DEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:21 GMT

GET
H2 200 RC5de6a9e02c544890919a02eb4635b5a7-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 646 B
607 B 75ms
74ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RC5de6a9e02c544890919a02eb4635b5a7-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b4a614e8387fc1201ecfde0bf4eababbd3c8459225439f5f0f814c9a3487e019

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 349
expires: Mon, 22 Jan 2024 09:39:21 GMT

GET
H2 200 B31024441.384072498;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4266214674;ord=x5pa5h;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-ZH633M88OE1cstMQft-osg2aj... Show response
ad.doubleclick.net/ddm/adj/N5667.274177.WEBMD/ Frame 4018 80 KB
33 KB 253ms
104ms Script
text/javascript 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5667.274177.WEBMD/B31024441.384072498;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4266214674;ord=x5pa5h;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-ZH633M88OE1cstMQft-osg2ajlG_1uspaLfjNDQuRjHCIB0a87hbOHo08Thxv_prn_B-XBpU-mhXHF-apnjf7_g_T1hr2rkZeB_w5ikUYuXhSCuUNzKDzuz0GceKv0ex29zlRovVloWmuwKn3JTsYOWnBWdQ5i_UFpt7pu26menRNV4uyARKsmLza-0EUMLV0NZUEF-2_lTeVIfZbUFNV_YtecFzvPHQrIOroY8IdAHwM7TDxYz9EzHTttW9BuIyb08f9SuNUSX-U4XqzPt_2J3WPrqqucUD8RKgBydcapkzgPKsj7S7_e_6bKjZbM0rFjshu9HIvGHulDWE-JCSchYkkRBYLsIP8jYWBGFhcvwbsZj5TB55yleiuxyP_Q%26sai%3DAMfl-YSEIneTsEm1XsQdTkBLU8uuDqZq_pnNaWwMq7yQDQ9UJIwGL6fcsoo9pzctEmaKbGBX-zU4ab_s-meaNTfoCjsusbKRyDxizLjzTA6jFZfvHmi-YQayuKIOC0y9qgglUdUEqsgNUmnr6B5k-CaSfXo%26sig%3DCg0ArKJSzAKuLyj1NOlEEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fcffr01.ourmd.store%2F$0;xdt=0;crlt=hSR.qP0wqZ;stc=1;chaa=1;sttr=175;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

7d268260369a045423df89e5635d1b3a21ecd962d3a64fc77bbb80e57369d491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33100
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B31045678.383223073;dc_ver=99.292;sz=728x90;u_sd=1;dsp_bidurl_0_=%24%7BSOURCE_URL_ENC%7D;dsp_campaignid_0_=%24%7BINSERTION_ORDER_ID%7D;dsp_chanid_0_=%24%7BEXCHANGE_ID%7D;dsp_dealid_0_=%24%7BINVENTO... Show response
ad.doubleclick.net/ddm/adj/N8897.3006099DBM_LEDESK/ Frame 6FE2 96 KB
36 KB 258ms
116ms Script
text/javascript 142.250.65.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N8897.3006099DBM_LEDESK/B31045678.383223073;dc_ver=99.292;sz=728x90;u_sd=1;dsp_bidurl_0_=%24%7BSOURCE_URL_ENC%7D;dsp_campaignid_0_=%24%7BINSERTION_ORDER_ID%7D;dsp_chanid_0_=%24%7BEXCHANGE_ID%7D;dsp_dealid_0_=%24%7BINVENTORY_SOURCE_EXTERNAL_ID%7D;dsp_id_0_=3;dsp_impid_0_=v4~~%24%7BAUCTION_ID%7D;dsp_placementid_0_=%24%7BCAMPAIGN_ID%7D;dsp_publisherid_0_=%24%7BADSXT_PUBLISHER_ID%7D;dsp_xappb_0_=%24%7BBUNDLE_ID%7D;dc_adk=1262325942;ord=7xkyvp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv99FmaUTeU5CnGtle_V5i52brBjwGbGk3KsPFsWApohww83Vo7lDPgihCSiAf4cJj-A9ZRNeMIsK6PytATipnDHEl7pnbYJLga0ezKbJq5aaIcOYqEVLAmP27gI1d1iYPtyTo0urpZeeW5DDW78E44Y-A54wfyi4VoZ1NgIA-N5y1zarBfP3VjeuWSqJBkeciSRoj6LBWij4BUfEEJv127m4bkuu8UkYkwUlF8jAHsLNLOSbW1iCSNaidBMwwhIVB6UIy14PS6qE8AlbTNiBnlrbmnaLuQXmuYwepHbxUd87dVULR2IUbXNrupX3CR1q-Phc-U7VRlGDK841-rI2L8H3PCerbwkppWjYySeQL8R9Aj-t5ppvz48y6zOrHIsqDI0eHduy-u4w%26sai%3DAMfl-YQqKRWdpX3v2sk5vvGj7SA6_7Wvi8r37NBVK_-HQAM82CCTHdUEo7fYh4t2aKf5ZkclkHW12CjI8J6qiMLeouAZbssq9JcW3BUGKBDYQUWuCh-CLsRhLsiQXoYVhhROk_syvF6-mV_qD5JikHWSCc8%26sig%3DCg0ArKJSzBkuLP0Ri4q2EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvQIWuCmuZYamAZytjvQPl9C2uA3N0omodeK72JrVEY-9waPTQxABIODVySlgyYaAgNyjxBCgAcazhI4DyAEJqAMBqgSfAk_QEzh-tMV50qJwKXAioJLBERGQIaBDRQssi2Ywa0sJnf6xBxYxVAkW_059HR722rLlR5nHmJtmQ8bTWOcAe9CI_MIWWIe5iVdvXXBlCFMNhRbhls0LiIqs3jUuJn8wXVUfdguLehJGRQwrXqFi2vc3kac-si9abGh5SpWowu1Mg_wY0nqhGh7XRSPNwR0cJqAmGR2TWW3o299zxwM439Ol--xxSONoaV8EXiDH41-qI7ucDxU4No_CjsuP5lJw3Q8izx_M0-vIXHFKPxsSEQRYtIDiV-Kvj2-aOgX9j7LMlG5Iznsb1Mglht5VJE4DxYrtGR9cSeDPDvlKG7iGIH8jqmJcwKjjtBgLHlRUoh81njJqb05mKIMqzQyU3HHHwASuwOaqwQTgBAOIBbipg_1NkAYBoAZNgAeizPtxqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY3I7OoMzwgwOACgOYCwHICwGADAGqDQJVU-INEwihws6gzPCDAxWcloMIHReoDdewE5T0qRbQEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_zEeXy0eo7GuHhHcJpa9_s-slt96U8lhgUxqnHUzLHtMq3BeGN__dvpPovUB_QUOKIVVBslgdHNG56QLN70a5BGqKWwzUkO9dLhgB%2526sig%253DAOD64_3NRp39v77I1aXqynBYCpGX84h4mA%2526dbm_c%253DAKAmf-CnbTcbJXnAgqTjQPNxPQFSL2XPhxL07AczShTWVp9fIymuVBDlpZ_jhP9AclCvRtlIA0BulfmZoJ0pPl3B3617ddBUpONPrbBrb9SFJGDrcTBXiHSnjBkAQxCBboHomQRabVdpYpwZoqxKf9J4nCqkcch-RSR83HeVICEHTFKrqKaEenA%2526cry%253D1%2526dbm_d%253DAKAmf-CUH-WOm1rul9MnMYKc1gFszFUS8ZyxS0OkwdV0met7bqayKcOswotqpjVtTza8inXQ9X0DOGTq0eroIaiqANYydhuZhPWvxdWugjAZeFsQHDJqYrWDZ_rxzpbHdZXqNUVIgMHl_JAPXGYIyD9IHlYzQpypb8DclIVj4X-KnsO4O2N2N4JrJboXFYXvlpXh-h4G-5qjtNjY_NONvRPS7Jgm47Eb5PyxSJJb2lquK7Znk4HJdTfIIYkOIoXxJDmAn0F8OVEg%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fcffr01.ourmd.store%2F$0;xdt=0;crlt=hSR.qP0wqZ;stc=1;chaa=1;sttr=178;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f6.1e100.net

Software

cafe /

Resource Hash

b13487c4aba2208e9967e8eaeabbd2363087dee8e97d255c949c31f6cebc8cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36635
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/875612316/ 42 B
455 B 127ms
82ms Image
image/gif 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/875612316/?random=1705912761083&cv=11&fst=1705910400000&bg=ffffff&guid=ON&async=1&gtm=45be41h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fcffr01.ourmd.store%2F&frm=0&tiba=WebMD%20-%20Better%20information.%20Better%20health.&data=event%3Dpage_view%3Bpt%3D1728&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_Wy3VQ-g8OhttRkEuJuDtsl7E8MGZnTEiPDrvMwfaoWhSqS3G&random=2074813176&rmt_tld=0&ipr=y

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 RC0ad40fe64ccd40b089aa4c4daf387537-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 902 B
735 B 75ms
73ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RC0ad40fe64ccd40b089aa4c4daf387537-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 815bd14bb0adf427edba6f7b3966233c9130f5f84332a39eced247c44b327eaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 477
expires: Mon, 22 Jan 2024 09:39:21 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 4018 172 KB
60 KB 364ms
210ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 13:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67842
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 13:48:39 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 4018 12 KB
5 KB 298ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5667.274177.WEBMD/B31024441.384072498;dc_ver=99.292;dc_eid=40004001;sz=728x90;u_sd=1;dc_adk=4266214674;ord=x5pa5h;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst-ZH633M88OE1cstMQft-osg2ajlG_1uspaLfjNDQuRjHCIB0a87hbOHo08Thxv_prn_B-XBpU-mhXHF-apnjf7_g_T1hr2rkZeB_w5ikUYuXhSCuUNzKDzuz0GceKv0ex29zlRovVloWmuwKn3JTsYOWnBWdQ5i_UFpt7pu26menRNV4uyARKsmLza-0EUMLV0NZUEF-2_lTeVIfZbUFNV_YtecFzvPHQrIOroY8IdAHwM7TDxYz9EzHTttW9BuIyb08f9SuNUSX-U4XqzPt_2J3WPrqqucUD8RKgBydcapkzgPKsj7S7_e_6bKjZbM0rFjshu9HIvGHulDWE-JCSchYkkRBYLsIP8jYWBGFhcvwbsZj5TB55yleiuxyP_Q%26sai%3DAMfl-YSEIneTsEm1XsQdTkBLU8uuDqZq_pnNaWwMq7yQDQ9UJIwGL6fcsoo9pzctEmaKbGBX-zU4ab_s-meaNTfoCjsusbKRyDxizLjzTA6jFZfvHmi-YQayuKIOC0y9qgglUdUEqsgNUmnr6B5k-CaSfXo%26sig%3DCg0ArKJSzAKuLyj1NOlEEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fcffr01.ourmd.store%2F$0;xdt=0;crlt=hSR.qP0wqZ;stc=1;chaa=1;sttr=175;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:54 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4018 41 KB
14 KB 68ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:26:03 GMT

GET
DATA 200
OK truncated
/ Frame 4018 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef828b5ba3aec52021d93e393f47dcf9f565b777dde5dfaeb61e05f5e6d6e757

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements5256.js Show response
cdn.doubleverify.com/ Frame 6E4A 425 KB
101 KB 79ms
78ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5256.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 21318b721b6b2ceb2b8fa95530a98a9ed103abe4b58d13db0ea1c3299c506a96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 09:15:09 GMT
Server: UploadServer
ETag: "ad7044d09b7c3fb22acee1494462d490"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102711
Expires: Tue, 21 Jan 2025 08:39:21 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1878995/77282216/ Frame 6FE2 60 KB
15 KB 222ms
63ms Script
application/javascript 3.217.211.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1878995/77282216/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=%24%7BINSERTION_ORDER_ID%7D&ias_pubId=%24%7BADSXT_PUBLISHER_ID%7D&ias_chanId=%24%7BEXCHANGE_ID%7D&ias_placementId=%24%7BCAMPAIGN_ID%7D&bidurl=%24%7BSOURCE_URL_ENC%7D&ias_dealId=%24%7BINVENTORY_SOURCE_EXTERNAL_ID%7D&ias_xappb=%24%7BBUNDLE_ID%7D&adsafe_par&ias_impId=v4~~%24%7BAUCTION_ID%7D
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.217.211.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-217-211-138.compute-1.amazonaws.com
Software: /
Resource Hash: 5e9d7b246ea5976d6b6ea3c4c000a848a9c9dfa7383aa3e07d766767eacababe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6FE2 111 KB
39 KB 198ms
136ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 05:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 05:42:20 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/ Frame 6FE2 12 KB
4 KB 211ms
67ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240118/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N8897.3006099DBM_LEDESK/B31045678.383223073;dc_ver=99.292;sz=728x90;u_sd=1;dsp_bidurl_0_=%24%7BSOURCE_URL_ENC%7D;dsp_campaignid_0_=%24%7BINSERTION_ORDER_ID%7D;dsp_chanid_0_=%24%7BEXCHANGE_ID%7D;dsp_dealid_0_=%24%7BINVENTORY_SOURCE_EXTERNAL_ID%7D;dsp_id_0_=3;dsp_impid_0_=v4~~%24%7BAUCTION_ID%7D;dsp_placementid_0_=%24%7BCAMPAIGN_ID%7D;dsp_publisherid_0_=%24%7BADSXT_PUBLISHER_ID%7D;dsp_xappb_0_=%24%7BBUNDLE_ID%7D;dc_adk=1262325942;ord=7xkyvp;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsv99FmaUTeU5CnGtle_V5i52brBjwGbGk3KsPFsWApohww83Vo7lDPgihCSiAf4cJj-A9ZRNeMIsK6PytATipnDHEl7pnbYJLga0ezKbJq5aaIcOYqEVLAmP27gI1d1iYPtyTo0urpZeeW5DDW78E44Y-A54wfyi4VoZ1NgIA-N5y1zarBfP3VjeuWSqJBkeciSRoj6LBWij4BUfEEJv127m4bkuu8UkYkwUlF8jAHsLNLOSbW1iCSNaidBMwwhIVB6UIy14PS6qE8AlbTNiBnlrbmnaLuQXmuYwepHbxUd87dVULR2IUbXNrupX3CR1q-Phc-U7VRlGDK841-rI2L8H3PCerbwkppWjYySeQL8R9Aj-t5ppvz48y6zOrHIsqDI0eHduy-u4w%26sai%3DAMfl-YQqKRWdpX3v2sk5vvGj7SA6_7Wvi8r37NBVK_-HQAM82CCTHdUEo7fYh4t2aKf5ZkclkHW12CjI8J6qiMLeouAZbssq9JcW3BUGKBDYQUWuCh-CLsRhLsiQXoYVhhROk_syvF6-mV_qD5JikHWSCc8%26sig%3DCg0ArKJSzBkuLP0Ri4q2EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCvQIWuCmuZYamAZytjvQPl9C2uA3N0omodeK72JrVEY-9waPTQxABIODVySlgyYaAgNyjxBCgAcazhI4DyAEJqAMBqgSfAk_QEzh-tMV50qJwKXAioJLBERGQIaBDRQssi2Ywa0sJnf6xBxYxVAkW_059HR722rLlR5nHmJtmQ8bTWOcAe9CI_MIWWIe5iVdvXXBlCFMNhRbhls0LiIqs3jUuJn8wXVUfdguLehJGRQwrXqFi2vc3kac-si9abGh5SpWowu1Mg_wY0nqhGh7XRSPNwR0cJqAmGR2TWW3o299zxwM439Ol--xxSONoaV8EXiDH41-qI7ucDxU4No_CjsuP5lJw3Q8izx_M0-vIXHFKPxsSEQRYtIDiV-Kvj2-aOgX9j7LMlG5Iznsb1Mglht5VJE4DxYrtGR9cSeDPDvlKG7iGIH8jqmJcwKjjtBgLHlRUoh81njJqb05mKIMqzQyU3HHHwASuwOaqwQTgBAOIBbipg_1NkAYBoAZNgAeizPtxqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiAYRABGB0yAooCOgSAQIBASL39wTpY3I7OoMzwgwOACgOYCwHICwGADAGqDQJVU-INEwihws6gzPCDAxWcloMIHReoDdewE5T0qRbQEwDYEwPYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTgAvHhf_zEeXy0eo7GuHhHcJpa9_s-slt96U8lhgUxqnHUzLHtMq3BeGN__dvpPovUB_QUOKIVVBslgdHNG56QLN70a5BGqKWwzUkO9dLhgB%2526sig%253DAOD64_3NRp39v77I1aXqynBYCpGX84h4mA%2526dbm_c%253DAKAmf-CnbTcbJXnAgqTjQPNxPQFSL2XPhxL07AczShTWVp9fIymuVBDlpZ_jhP9AclCvRtlIA0BulfmZoJ0pPl3B3617ddBUpONPrbBrb9SFJGDrcTBXiHSnjBkAQxCBboHomQRabVdpYpwZoqxKf9J4nCqkcch-RSR83HeVICEHTFKrqKaEenA%2526cry%253D1%2526dbm_d%253DAKAmf-CUH-WOm1rul9MnMYKc1gFszFUS8ZyxS0OkwdV0met7bqayKcOswotqpjVtTza8inXQ9X0DOGTq0eroIaiqANYydhuZhPWvxdWugjAZeFsQHDJqYrWDZ_rxzpbHdZXqNUVIgMHl_JAPXGYIyD9IHlYzQpypb8DclIVj4X-KnsO4O2N2N4JrJboXFYXvlpXh-h4G-5qjtNjY_NONvRPS7Jgm47Eb5PyxSJJb2lquK7Znk4HJdTfIIYkOIoXxJDmAn0F8OVEg%2526adurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fcffr01.ourmd.store%2F$0;xdt=0;crlt=hSR.qP0wqZ;stc=1;chaa=1;sttr=178;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 18:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51027
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 18:28:54 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6FE2 41 KB
14 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:26:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 241998
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:26:03 GMT

GET
H2 200 m Show response
secure-gl.imrworldwide.com/cgi-bin/ Frame 61DD 44 B
704 B 283ms
83ms Document
image/gif 2600:9000:211c:ae00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn549324&cr=138460198049&ce=3312554&pc=6478994126&ci=nlsnci3067&am=11&at=view&rt=banner&st=image&r=1695828995
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211c:ae00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-length: 44
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 08:39:21 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
pragma: no-cache
server: nginx
via: 1.1 ce6ac8bc6515892a00316a83f3713e1e.cloudfront.net (CloudFront)
x-amz-cf-id: 7oZFBmqP76zjkw4FF8-ZzvK7FTG886mVewumxN5N-17uu0wcQgMO6w==
x-amz-cf-pop: JFK52-P4
x-cache: Miss from cloudfront

GET
DATA 200
OK truncated
/ Frame 6FE2 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0e65e54a8e74c20272d4628466017ddce306787f2fa324c84e190e5e1298f34

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dv-measurements5256.js Show response
cdn.doubleverify.com/ Frame C99B 425 KB
101 KB 75ms
73ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5256.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 21318b721b6b2ceb2b8fa95530a98a9ed103abe4b58d13db0ea1c3299c506a96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 09:15:09 GMT
Server: UploadServer
ETag: "ad7044d09b7c3fb22acee1494462d490"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102711
Expires: Tue, 21 Jan 2025 08:39:21 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2C04 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 242362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:19:59 GMT
expires: Sat, 18 Jan 2025 13:19:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame FDCB 38 KB
13 KB 82ms
79ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 242362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:19:59 GMT
expires: Sat, 18 Jan 2025 13:19:59 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6E4A 718 B
752 B 465ms
55ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=189&ttfrms=49&brid=3&brver=120.0.6099.224&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6Tar9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6U42%3FFC%3Dl9EEADTbpTauTauHHH%5DH63%3E5%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&uid=1705912761903106&jsCallback=dvCallback_1705912761904735&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5256&tgjsver=5256&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fcffr01.ourmd.store%2F&fwc=2&fcl=1633&flt=0&fec=1371&fcifrms=12&brh=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=17778638&cmp=DV457434&btreg=6494257801138458794120&btadsrv=6494257801138458794120&adsrv=104&unit=728x90&seltag=1&sadv=5221123576&ord=3290882848&litm=6494257801&scrt=138458794120&splc=/4312434/consumer/webmd/hp-conwbmd&adu=25989674&spos=141&c1=1728&c3=83&c4=vuejs&c7=/default.htm&c8=170591275976336023&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=99284155.3525418&ee_dp_sukv=99284155.3525418&dvp_tukv=1687033066085.9414&ee_dp_tukv=1687033066085.9414&dvp_tuid=1037538145362&jurtd=3264650180
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: cee9dc13d8e7b628c8c13cfe3f0d1a526121aca0b96daf6175df4f68ee431303

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:22 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 01/21/2024 08:39:22

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame C99B 718 B
752 B 361ms
57ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=222&ttfrms=24&brid=3&brver=120.0.6099.224&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6Tar9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6U42%3FFC%3Dl9EEADTbpTauTauHHH%5DH63%3E5%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&uid=1705912762017207&jsCallback=dvCallback_1705912762017618&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5256&tgjsver=5256&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fcffr01.ourmd.store%2F&fwc=2&fcl=1633&flt=0&fec=1371&fcifrms=12&brh=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=17778638&cmp=DV457434&btreg=6478994126138460198049&btadsrv=6478994126138460198049&adsrv=104&unit=728x90&seltag=1&sadv=5163261768&ord=3323461810&litm=6478994126&scrt=138460198049&splc=/4312434/consumer/webmd/hp-conwbmd&adu=25989674&spos=141&c1=1728&c3=83&c4=vuejs&c7=/default.htm&c8=170591275976336023&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=42244423370.06809&ee_dp_sukv=42244423370.06809&dvp_tukv=471397660093.0099&ee_dp_tukv=471397660093.0099&dvp_tuid=669197423422&jurtd=3330317188
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: caf789dfffc8aa52cdb60975a1532bea1f5b8f3ff29488fecbd4bf2cc8754ceb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:22 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 01/21/2024 08:39:22

GET
H2 200 AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js Show response
pagead2.googlesyndication.com/bg/ Frame 2C04 50 KB
20 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AQAQeYtzTrql21gmUfHv2Md-TtOjltGIaj9_D2yS7lg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

010010798b734ebaa5db582651f1efd8c77e4ed3a396d1886a3f7f0f6c92ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 12:03:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 160560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19642
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 Jan 2025 12:03:22 GMT

GET
H2 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame FDCB 39 KB
15 KB 94ms
93ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 02:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108247
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 02:35:15 GMT

GET
H2 200 durly.js Show response
c.evidon.com/ Frame 6FE2 4 KB
2 KB 330ms
64ms Script
application/x-javascript 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/durly.js?;coid=8379;nid=160132;ad_wxh=728x90;
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fbcacda475ed69433f5f60034f72c38bf7dfa6d4c89f7ee7a2c2f88945f813b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 17:30:28 GMT
server: AkamaiNetStorage
etag: "b89cae0eeff70e139af64eed93353c19:1700587828.86706"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1605

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7706539330959380364/ Frame 402A 88 KB
22 KB 279ms
66ms Document
text/html 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72738dbf8d9afbf7c39533b2f21ad4008e7637775edb6d2eb9e9626f38bc615a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 241328
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22086
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Jan 2024 13:37:14 GMT
expires: Sat, 18 Jan 2025 13:37:14 GMT
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6FE2 0
0 341ms
123ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD1RcXcZD9jy83A6TOMVGt4cSrzh0HADD3HwAiNyswmcfZAPmsOnSc6T5AUBnegEQV6fdIH7zhwmACR8pNBBrGJ4CMBsFClAIHoIXhColfNLMZRyMlUkga8qrq_fZhI0Jc-KP5y7TgGMIPflcZfCYs4qNyjrIQn5KqZRanHx1gPUkdEbukYsDvWs873hE-3OVugPGajw&sai=AMfl-YR7otFW0C9p_HmXcLpVnGB-fQ3kZEqS93_aTcBaMElX8joV8BXHLA8QLHLw1pOaISeU-uaQiftBGEYf2lGyqeNw9VKmjZVsiUNvXw&sig=Cg0ArKJSzCCR4SYvEREgEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=389&cbvp=1&cstd=384&cisv=r20240118.72399&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 /
d.agkn.com/pixel/2387/ Frame 6FE2 43 B
630 B 292ms
75ms Image
image/gif 2600:9000:21da:c000:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/2387/?ct=US&st=FL&city=17762&dma=30&zp=33018&bw=3&che=532377911&col=31045678,4016407,383223073,574879641,185141328
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:c000:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:22 GMT
via: 1.1 3496707421faf86f68ae341aa8b7d1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: FUMLrVOUVGzed7CgDJivBg0jo6Fv1BVS3hlmFhq2ZeeRTskgtCoEdQ==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.19.8.473.js Show response
static.adsafeprotected.com/ Frame 6FE2 214 KB
66 KB 293ms
77ms Script
application/javascript 2600:9000:247b:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.473.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1878995/77282216/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=%24%7BINSERTION_ORDER_ID%7D&ias_pubId=%24%7BADSXT_PUBLISHER_ID%7D&ias_chanId=%24%7BEXCHANGE_ID%7D&ias_placementId=%24%7BCAMPAIGN_ID%7D&bidurl=%24%7BSOURCE_URL_ENC%7D&ias_dealId=%24%7BINVENTORY_SOURCE_EXTERNAL_ID%7D&ias_xappb=%24%7BBUNDLE_ID%7D&adsafe_par&ias_impId=v4~~%24%7BAUCTION_ID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68687158d2c493d42ae6dee2f15fc2c761da3abf8d92c4474e1dbc527b6930d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 21:48:31 GMT
x-amz-version-id: TozINgEWWkvQmqDfTCTq3yrdeWW.56xS
content-encoding: gzip
via: 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 903052
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 11 Jan 2024 21:47:36 GMT
server: AmazonS3
etag: W/"38edfb290172e1aef8532f19eb4cbbe4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: VmOcfmxV0ARorbtrfbxCCCxRx4PZQfpwlgXi1cZhI107fg_5sSk2vA==

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 4018 9 KB
4 KB 75ms
75ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=16970841&cmp=31024441&sid=1334556&plc=384072498&num=&adid=&advid=9714545&adsrv=1&btreg=574723951&btadsrv=doubleclick&crt=201502990&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: a6c737a8b792a9f3a737c1ae9496c530b2c51832c3f2834aa620a81ab6b6cc36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 12:37:05 GMT
Server: UploadServer
ETag: "ec2fdccf2e6d4b4316526cec99c7677c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Mon, 22 Jan 2024 08:54:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 30 KB
7 KB 88ms
87ms Document
text/html 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70358ff10dfa0f99e750e2961af06f1092a0b9f92c757e83f584ff95cbbff739

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 08:39:22 GMT
expires: Tue, 21 Jan 2025 08:39:22 GMT
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4018 0
0 211ms
128ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswLKC7qmk7qE6iQR0j_znYiLgfPK1Y2BKkvbbD-Vp6cJrv-Ie2u1ogwGFaxciRp6mxxlf3_bGfavYDOqziNkOsc3I5a6OA9cHZXUyDHFFCNroHuaoHwgUHcU8BAvIcg1VPL6TjByyaLJX-dAOYnRF6uyrOL2CKiwWMNXHilSpx&sai=AMfl-YRTcs9k8YJKSjDmXw5gs9GD9jfRhpZUYotbF_n8856deUNRfarJCvid_yKSVbgqtotKTEbAprtTcOLwyVMOelwN8qxbc7FMKGJ8Xg&sig=Cg0ArKJSzBENXh2c3FXKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=621&cbvp=1&cstd=602&cisv=r20240118.54252&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

89.42.226.35.bc.googleusercontent.com

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

idr.gif
p.alcmpn.com/idr/ven/1042/ Frame 4018
Redirect Chain

https://sync.graph.bluecava.com/ds.png?p=5d240b6c-d95e-11ed-8f0e-4201ac10000e&CID=CX321135&Site=N5667.274177.WEBMD&PID=384072498&CreativeID=201502990&Tagtype=Event&DeviceID=1&Key7=1&Key8=&Key9=&Key10=
https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=cf357c75-7f83-4b05-905f-a0834ddcf40c&chained=true

0
277 B

1079ms
70ms

Image
text/plain

35.226.42.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.alcmpn.com/idr/ven/1042/idr.gif?fpid=cf357c75-7f83-4b05-905f-a0834ddcf40c&chained=true

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Server

35.226.42.89 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx / Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
strict-transport-security: max-age=31536000;
server: nginx
x-powered-by: Express
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:22 GMT
via: 1.1 google
p3p: CP="NON DSP LAW PSAo PSDo IVAo IVDo OTPo OUR SAMo BUS UNI PRE"
access-control-allow-origin: *
location: //p.alcmpn.com/idr/ven/1042/idr.gif?fpid=cf357c75-7f83-4b05-905f-a0834ddcf40c&chained=true
content-type: image/png
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: -1

GET
H/1.1 200
OK dv-measurements5256.js Show response
cdn.doubleverify.com/ Frame BDEB 425 KB
101 KB 74ms
73ms Script
application/javascript 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5256.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 21318b721b6b2ceb2b8fa95530a98a9ed103abe4b58d13db0ea1c3299c506a96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jan 2024 09:15:09 GMT
Server: UploadServer
ETag: "ad7044d09b7c3fb22acee1494462d490"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102711
Expires: Tue, 21 Jan 2025 08:39:22 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 402A 236 KB
63 KB 84ms
83ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 08:39:22 GMT

GET
H3 200 scrollStyles.css
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 19 KB
3 KB 75ms
67ms Stylesheet
text/css 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/scrollStyles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

210cf50b97c26b09f7a574ea85d549f2791d00351fc32ad7b7986d650e3adc6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Fri, 17 Jan 2025 19:57:35 GMT
date: Thu, 18 Jan 2024 19:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3178
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame B58D 120 KB
41 KB 100ms
92ms Script
text/javascript 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 16:51:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Jan 2024 16:51:05 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.1.1/ Frame B58D 56 KB
21 KB 151ms
40ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.1.1/gsap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

732117ac92a33b760d9290a33f1541762ee9449dc417ea249b5a0df50738ad16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 214859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20728
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-e1e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E03fKp53Rt804h0j1cDKEDha2HIQevvs7a4jRO9mQhyATUDvXMm0xzI%2Bv8BuFU8I2nop5Mvn%2F39%2B40655h3tj3S5j%2BCYDDMiK3%2FNUXHtLkFC6PutUPZYdzdMLKwTzdbbjZPGUUAaWZ3g6h1FShsE7gm1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84967c6e6f3b6dcb-MIA
expires: Sat, 11 Jan 2025 08:39:22 GMT

GET
H2 200 OverlayScrollbars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.10.3/js/ Frame B58D 52 KB
20 KB 154ms
43ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.10.3/js/OverlayScrollbars.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f8d807bfa0018ec8b97f0f4712a44bcf68e44760fd9662130e8794ea666ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4666640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20291
last-modified: Mon, 04 May 2020 16:13:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3f-cffc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJFZX7YWk6Cn5Pe%2BRcTZbs4%2FY8MbnC0pa9BkBpXx7WuZowAc5vaa5tlKPdry%2BT0pF2mrNRL6dbjY6tx3ggoN5ahpJD6vKQkY5z0MlX7qEkes4eRvbMkA5Wu8MYaIYPcZtFl9L92d6G5QTskE3xhaiY6q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84967c6e6f3e6dcb-MIA
expires: Sat, 11 Jan 2025 08:39:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame B58D 85 KB
30 KB 1055ms
67ms Script
text/javascript 2607:f8b0:4006:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:40:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:40:12 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame B58D 11 KB
2 KB 1065ms
78ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3915528adf7fa37e092c38ffc6d93f4be2a7f083f616d7259a78d09b11df59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 22 Jan 2024 07:41:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Jan 2024 08:39:23 GMT

GET
H2 200 ba.js Show response
c.evidon.com/geo/ Frame 6FE2 42 KB
13 KB 69ms
66ms Script
application/x-javascript 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/ba.js?r231121
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/durly.js?;coid=8379;nid=160132;ad_wxh=728x90;
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e66ea3d92f57880a1eb8220863a3ddc8e25fb4940e24b9d1b1b5064b41b6cc72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: gzip
last-modified: Tue, 21 Nov 2023 17:29:33 GMT
server: AkamaiNetStorage
etag: "2a89f2588a8c2fb5a1419f6ca61adca6:1700587773.052412"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12681

GET
H2 200 4.gif
c.evidon.com/a/ Frame 6FE2 43 B
326 B 66ms
64ms Image
image/gif 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/a/4.gif
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: de3a7ca2f8ae592aae2652335b755b0d0b65df663dda8776387cae7339b76d64

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2010 17:07:29 GMT
server: AkamaiNetStorage
etag: "65786c291a4603aa5150a1884452838d:1271351254"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/gif
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 53

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame BDEB 718 B
753 B 58ms
56ms Script
text/javascript 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=193&ttfrms=14&brid=3&brver=120.0.6099.224&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6TauU2%3F4r92%3A%3Fl9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6Tar9EEADTbpTauTau477C_%60%5D%40FC%3E5%5DDE%40C6U42%3FFC%3Dl9EEADTbpTauTauHHH%5DH63%3E5%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1454&ddur=78&uid=1705912762607469&jsCallback=dvCallback_1705912762607949&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.224%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5256&tgjsver=5256&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fcffr01.ourmd.store%2F&fwc=2&fcl=1633&flt=0&fec=1371&fcifrms=12&brh=2&dvp_epl=215&noc=4&nav_pltfrm=Win32&ctx=16970841&cmp=31024441&sid=1334556&plc=384072498&crt=201502990&btreg=574723951&btadsrv=doubleclick&adsrv=1&advid=9714545&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=99284155.3525418&ee_dp_sukv=99284155.3525418&dvp_tukv=3964882824.6512866&ee_dp_tukv=3964882824.6512866&dvp_tuid=942316512426&jurtd=172583728
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 0d9198f4ec9e4ecdff9312cab38e61f35195b15edda6e4927a4af02a9f5839f5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:22 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 01/21/2024 08:39:22

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 6FE2
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1878995/77282216/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=%24%7BINSERTION_ORDER_ID%7D&ias_pubId=%24%7BADSXT_PUBLISHER_ID%7D&ias_chanId=%24%7BEX...
https://static.adsafeprotected.com/skeleton.js?ias_xappb=%24%7BBUNDLE_ID%7D

17 B
466 B

66ms
66ms

Script
application/javascript

2600:9000:247b:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?ias_xappb=%24%7BBUNDLE_ID%7D
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Server: 2600:9000:247b:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 00:59:33 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 15061191
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: vFZ0MDZv4itfUCGhvxZz61yE5v8HZeuP2Y4oF8MU8ZZtkA3oZiLLZA==

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:22 GMT
server: nginx
x-server-name: app28.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?ias_xappb=%24%7BBUNDLE_ID%7D
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2C78 91 KB
23 KB 74ms
74ms Script
application/javascript 2600:9000:247b:5800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:5800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 08:11:24 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P2
age: 1556878
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: wB1DDyosKMwn9Xu7NG_XjsdDMLj--ntRwhSjHijqI8swgBUFxH99GQ==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 722ms
59ms Image
image/gif 2600:1f18:1aca:4282:5259:92bb:11a5:b49e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1878995&asId=ccfa3516-fb8d-cb67-68a4-c49aa4731447&tv=%7Bc:1YsJX3,pingTime:-2,time:696,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1360,beZ:1363,mfA:1869,cmA:1871,inA:1871,inZ:1879,prA:1879,prZ:1890,si:1899,poA:1902,poZ:1933,cmZ:1933,mfZ:1933,loA:2011,loZ:2016,ltA:2055,ltZ:2055,mdA:1364,mdZ:1735%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:538%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:697,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:537,wc:0.0.1600.1200,ac:436.739.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B183~100%5D,as:%5B183~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:u24Y6dH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1878995-77282216%7C1b1%7C1b2%7C1b31%7C1b4%7C1c1%7C1c21%7C1c3%7C1c4,idMap:1b*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:540,slid:%5Bgoogle_ads_iframe_/4312434/consumer/webmd/hp-conwbmd_2,google_ads_iframe_/4312434/consumer/webmd/hp-conwbmd_2__container__,hp-instream-ad-1,hp-ad-container,html-091e9c5e824b2c3e,ContentPane29,main-container,global-main,app,app%5D,sinceFw:152,readyFired:true%7D&br=c
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5259:92bb:11a5:b49e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 bg.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 70 KB
70 KB 66ms
65ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/bg.png?1666372183159

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f12fe51a34c53904b828b60bd4a8c6451713c756a0859e8d99e85e2df39fab94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:30:50 GMT
date: Fri, 19 Jan 2024 13:30:50 GMT
x-content-type-options: nosniff
age: 241712
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71974
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6FE2 0
0 98ms
96ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD1RcXcZD9jy83A6TOMVGt4cSrzh0HADD3HwAiNyswmcfZAPmsOnSc6T5AUBnegEQV6fdIH7zhwmACR8pNBBrGJ4CMBsFClAIHoIXhColfNLMZRyMlUkga8qrq_fZhI0Jc-KP5y7TgGMIPflcZfCYs4qNyjrIQn5KqZRanHx1gPUkdEbukYsDvWs873hE-3OVugPGajw&sai=AMfl-YR7otFW0C9p_HmXcLpVnGB-fQ3kZEqS93_aTcBaMElX8joV8BXHLA8QLHLw1pOaISeU-uaQiftBGEYf2lGyqeNw9VKmjZVsiUNvXw&sig=Cg0ArKJSzCCR4SYvEREgEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1108&vt=11&dtpt=719&dett=3&cstd=384&cisv=r20240118.72399&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 160132.js Show response
c.evidon.com/a/n/8379/ Frame 6FE2 2 KB
991 B 65ms
64ms Script
application/x-javascript 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/n/8379/160132.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 710be2dea0373a68a89e2b6c933267dcd67ff207dd99877afdf43566602223c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:22 GMT
content-encoding: gzip
last-modified: Tue, 28 Mar 2023 14:55:40 GMT
server: AkamaiNetStorage
etag: "80056490f62428004a817d7698df52f4:1680015340.007056"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=600
accept-ranges: bytes
access-control-allow-headers: *
content-length: 704

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B58D 8 KB
6 KB 220ms
90ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17160f0d831ba4c7d49126a2e53e6970b646771b2e476c7b7b7d2d81e48519fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5849
x-xss-protection: 0

GET
H3 200 product.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 9 KB
9 KB 67ms
66ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/product.png?1666372183159

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547d39834d60d6e009b4a7808151f9582b983869868dddb7fa44598e546a34c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:25:26 GMT
date: Fri, 19 Jan 2024 13:25:26 GMT
x-content-type-options: nosniff
age: 242037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8944
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FE2 42 B
64 B 98ms
97ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumYIGz0L_NEbwDJPpttOBmUWPobTqRRiJVGbn2VA97uGIXED5O3rcZC_0QLYkk9-9TpIG1owsvz8mFmIPrdd4TjUn9ud06fP6b9y2E9oCjxe5rC-Syn3pBlxlxXyw&sig=Cg0ArKJSzHuccoIYVLH3EAE&id=lidar2&mcvt=1255&p=0,0,90,728&mtos=1255,1255,1255,1255,1255&tos=1255,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=1262325942&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705912760762&rpt=1437&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swirl_blue.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 11 KB
11 KB 66ms
65ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/swirl_blue.png?1666372183159

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9b1075386ec9615eb98d2c471825cbafaeed57b0e05367d72e704a53b99085c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:37:15 GMT
date: Fri, 19 Jan 2024 13:37:15 GMT
x-content-type-options: nosniff
age: 241328
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11276
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FDCB 0
20 B 103ms
101ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BLyYnuSmuZb2zHda0oPMP1vaLgAkAAAAAOAHgBAI&bg=!Z2SlZCvNAAa8BdJLnAU7ADQBe5WfOHmdibSvc70Rae_xz11FzlRS5NEMEBDukX1o7cyXkkaBttKQn_A6drxTXObi5Fa7AgAABOhSAAAABGgBB5kC4j5BsSfhzu67aELuMde1lvc774GeCJ1cJWbFvH1UP1Pj1tYvNlWGkWUCVIjYIKNmHgCjy658ZfsfiaQ8b5aSz7eSgfJdrS0v747OQp7JTLApX4pJCXiw3aLBWsoRVXcWLra0MT5xNAbyFR6os9qqAKV4ggWSf3St9THAiYMFwlV4Ta54YCj6GSX6j7pyMPFysoOuQ9K-zJj12LJZaTItLCoWl6QoyoaCF9sg7rIAcPb-AH8XfayURE1UFnn4iU7JRNZoqzNfROl9hVs0_taXJdw_lRtKjjqajfEW2RbbmM4mpa7JVBe0YX1JkYPrHK4kcNUo3SAaZvJlwjfCFOG274JwmLZfteIuLlXi9ISl3aL1v86pnoSABKOMF1-e_777jDzWyWErupyTwrXZrqbXbzetDiNVJ0fWDdF2JyWfG5lKg8LHoH_HYZ_OtPwLG8SJ62uhzHBKrfSnX5dbflv_Uc6cr5UHFaTrz4JSyZel73_3semrLj3MaVGxZnhtzTOTCYectfr5lc3EozWup-NQgQ516akt84EGDF2gXpj1jRA_bGNXOncHCgMvsBpJHajVs0iqXDAu36ZLrMZ0v8_2sBY3s63VkkRktSo8FDwaTscffqWPzzjCEHvYbY04yiUGijusYA3keohE4xviUqhZHFE5ufAqBPrhbTuxf3b-DcNXpcBs4r3S45lIAHuDKQmlNZN6ce6KJNU-sIv0s-LP2vfvTE113IXF-M46D2jl9Jg0fEnWzttT9V7CNtOSKiE2Aknj0RKvCVScCsMLWex4sBvtkt7BP3jbcVlrzamW-jxx77vcdce5g_ZVkZf6cWmGYTMw42J0xNwmNk8cOWkwSywBxIWgmO6y0oqiv8kX9LRKdBh1JBwKoyhucLkX96XVDOe3gWdek6Oz2fHoL6tUVCFFOPlacYWFD_jv20i-mOEoJjOFEOtoQ4dnLf1mMjexKsY2NqGMrgIL5q6SvgveY8Eniw

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6FE2 0
0 112ms
111ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-w69cH5rU5LCchTXDOzZF_CUeFarn6gk1CzEw7fkHiXShdpUvo_UgrLeJVVVqBGX6k9Z9fNuL4jK6uK5pa4Ka3TSeJNu7esOvvFK0oGGtXTbOsb7Nwxa-K1YV-Tpg2BGDeU63dZaL9SMv1l6EsKzMc1phMLPKcDOTkDJJ2iwNVftBGWmLvjEx0W5OWtuTRClFaLEKhXkz8W1MqUQdSR4Qzg0X-07blkAnjPv6RgXy8WknUd0Gmdr9jb3mTRcjinaB_FUbQJneQso_HC5uR1VxFCCRvyiyFYvpznwNLIswRwK4fkuRJYKn43qUupJn9-yxtBz-9Mbu9paXyD_KNpUWKou-MUUUumTOIvFrMzuaJXoFoXPueBFekfsE9Wx33rDdsBlcROwRqBSAXgvnsbAz&sai=AMfl-YToOtoOMr8L776ciIvrpsOLlCDNTdrZmetnLaBsCo8osxarcLaKlJombGC5A-J2SOP-bx24unRWfRwL33OMLF1c-6vaZ3tK3HOI-e4_T1U6D2kPpy95QkKOBHLHcBFWS2tUFmb4ecEuotc__8sXKr4&sig=Cg0ArKJSzJXKzsyFMfQKEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:23 GMT

GET
H2 200 COMMON.css
c.evidon.com/a/ Frame 6FE2 2 KB
975 B 66ms
65ms Stylesheet
text/css 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/COMMON.css?r=0.2850896929467097
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a3c92e8d35e4e636238e577da8cd44aaf8dd699b719e4125ba0029330edf6907

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2017 16:26:10 GMT
server: AkamaiNetStorage
etag: "c3cc19ce8230df99c7835decc2d79ee8:1486052770"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 715

GET
H2 200 6.css
c.evidon.com/a/ Frame 6FE2 898 B
648 B 69ms
66ms Stylesheet
text/css 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/a/6.css?r=0.43911867180864905
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/geo/ba.js?r231121
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d4be3ac72f80e7f9de3f25f566fe693f2ff4ca40467d0ebb0f2ace003f2eed98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2016 22:23:43 GMT
server: AkamaiNetStorage
etag: "0201e098f4bf4dfb5200e1da0993359c:1461104623"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: text/css
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
accept-ranges: bytes
access-control-allow-headers: *
content-length: 388

GET
H2 200 box_77_top-right.png
c.evidon.com/icon/ Frame 6FE2 159 B
454 B 81ms
79ms Image
image/png 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/box_77_top-right.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 18ce127fac997d05e6cac7436df99fe45e8a589d26d1c891aa127e8b2af572a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:19 GMT
server: AkamaiNetStorage
etag: "49829da8a0a594f300b83586f077bf58:1360189519"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 179

GET
H2 200 c_30_us.png
c.evidon.com/icon/ Frame 6FE2 924 B
1 KB 69ms
67ms Image
image/png 23.200.88.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.evidon.com/icon/c_30_us.png
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.200.88.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-88-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7aa846082d8ee4453971b0c942731bc25e45f436af3c8d59764f454414c375cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
last-modified: Wed, 06 Feb 2013 22:25:25 GMT
server: AkamaiNetStorage
etag: "698a04f1a4e8d39498dd892af9c71412:1360189525"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: image/png
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=432000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 921

GET
H2 204 pixel.gif
l.evidon.com/ct/0_0_0_160132/us/0/1/0/0/0/0/728/90/242/8379/0/ Frame 6FE2 0
121 B 212ms
59ms Image
text/plain 3.233.180.197
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/ct/0_0_0_160132/us/0/1/0/0/0/0/728/90/242/8379/0/pixel.gif?v=2_1&ttid=2&d=cffr01.ourmd.store&r=0.37372070353406417
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.180.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-180-197.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 copy01.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 8 KB
8 KB 70ms
68ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/copy01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b71116a81169b94c9e809deb86df648c3d03c4d5ca5c7d4bc1828f66e48e9a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:25:01 GMT
date: Fri, 19 Jan 2024 13:25:01 GMT
x-content-type-options: nosniff
age: 242062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8002
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy02.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 8 KB
8 KB 72ms
65ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/copy02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97980ed261a3ca6291fd9ebcf11bb2181180a23e76179691d239d0f7f828e305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:27:41 GMT
date: Fri, 19 Jan 2024 13:27:41 GMT
x-content-type-options: nosniff
age: 241902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7785
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy03.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 4 KB
4 KB 76ms
69ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/copy03.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9c06ef5a31f5d86593697ea76d091cfe7ef9b8f52a2cc2c522d7505208fae11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:28:39 GMT
date: Fri, 19 Jan 2024 13:28:39 GMT
x-content-type-options: nosniff
age: 241844
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3792
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 copy04.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 4 KB
4 KB 73ms
67ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/copy04.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d60504d8f2ee153f167708059ea9909d9ddd474dc90b698722d150cb5dea4ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:39:55 GMT
date: Fri, 19 Jan 2024 13:39:55 GMT
x-content-type-options: nosniff
age: 241168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3648
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image01.jpg
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 17 KB
17 KB 94ms
88ms Image
image/jpeg 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/image01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

583cf5ac653edd48a95499fe8ed2680744da2680c60173661ee8157e9b596249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:12:34 GMT
date: Fri, 19 Jan 2024 13:12:34 GMT
x-content-type-options: nosniff
age: 242809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17046
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image03.jpg
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 20 KB
20 KB 81ms
75ms Image
image/jpeg 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/image03.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c07940dc6be948a7e40a930e551301264c8ec484ae40d8e94e34752ee9a76b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:34:38 GMT
date: Fri, 19 Jan 2024 13:34:38 GMT
x-content-type-options: nosniff
age: 241485
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20922
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 image04.jpg
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 30 KB
30 KB 94ms
89ms Image
image/jpeg 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/image04.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3c7c685baa104196469d8e4e625554dd079f3814d7646d2b01a6ce72c26746f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:43:23 GMT
date: Fri, 19 Jan 2024 13:43:23 GMT
x-content-type-options: nosniff
age: 240960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30715
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo01.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 5 KB
5 KB 100ms
96ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/logo01.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fbe6551847f8aa890a223686a0e61770ec33ce683db8e58dfa2c8d34bf1af74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:14:45 GMT
date: Fri, 19 Jan 2024 13:14:45 GMT
x-content-type-options: nosniff
age: 242678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5016
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logo02.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 5 KB
5 KB 98ms
94ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/logo02.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13905318061bc0b67441779fe4dd1d1915c1f0e0dcb14259b864d83ebd3a3dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:19:53 GMT
date: Fri, 19 Jan 2024 13:19:53 GMT
x-content-type-options: nosniff
age: 242370
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4709
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 isiHeader.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 3 KB
3 KB 97ms
92ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/isiHeader.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49a1befa781d20ff0a5840505fbc798570d5849826c6c9b465b05ddd34220507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:50:14 GMT
date: Fri, 19 Jan 2024 13:50:14 GMT
x-content-type-options: nosniff
age: 240549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2926
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 sponsor.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 2 KB
2 KB 100ms
95ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/sponsor.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90af96a654ce5fcd1198883faf0e86ef6723e2cb9b4d4353ab0c6e8e62e1bdbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:26:09 GMT
date: Fri, 19 Jan 2024 13:26:09 GMT
x-content-type-options: nosniff
age: 241994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1947
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 1 KB
1 KB 100ms
96ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/cta.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

914dfb1eb24eba9b620fa04bc284a67d3c09051824a1efc9485fee899da2fe72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:17:03 GMT
date: Fri, 19 Jan 2024 13:17:03 GMT
x-content-type-options: nosniff
age: 242540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1364
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 ctaOn.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 1 KB
1 KB 103ms
99ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ctaOn.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d530e7f05abccae758cc66914e7979fda9ae8d1b43f793c7477836f9cdbe6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:29:42 GMT
date: Fri, 19 Jan 2024 13:29:42 GMT
x-content-type-options: nosniff
age: 241781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1358
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 indicationsCopy.jpg
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 4 KB
4 KB 100ms
97ms Image
image/jpeg 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/indicationsCopy.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c3c0dd039533b925a965d866f0d6facb466be773fd5e5db61ec56a8bb737391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:23:49 GMT
date: Fri, 19 Jan 2024 13:23:49 GMT
x-content-type-options: nosniff
age: 242134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3722
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 logoAlkermes.png
s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/ Frame B58D 2 KB
2 KB 103ms
100ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/logoAlkermes.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0456c4316b050fd409ac056eb1caf2bcb724762afc0b98dcb6a33e3ffd110c62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10917588629312098977/lybalvi_madison_1_needForBetter_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=R6Dked4yFq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:27:50 GMT
date: Fri, 19 Jan 2024 13:27:50 GMT
x-content-type-options: nosniff
age: 241893
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2273
x-xss-protection: 0
last-modified: Tue, 24 Oct 2023 21:31:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 swirl_cyan.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 12 KB
12 KB 83ms
82ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/swirl_cyan.png?1666372183159

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec042a70cde79fa726f3f3db2049d54d38ca8294d6bda0b848c22e1f70f9a983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:29:24 GMT
date: Fri, 19 Jan 2024 13:29:24 GMT
x-content-type-options: nosniff
age: 241799
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11792
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C04 0
20 B 102ms
98ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BzVFxuSmuZc-8Hfm2oPMPq7qukAcAAAAAOAHgBAI&bg=!8fKl8r3NAAZVxkGXdcY7ADQBe5WfOLCQvHM4Ts20CrE4JfjcyCfLz3IHiFcCnaD6HA23jPNOCA6mddVh7Z4kKZyY2QmdAgAABYxSAAAAA2gBB5kC7_S7z_Cv2qWcLp3yyHIHt-5eo5OGuQCvdCTedEBIxImi3pPzmO3vRk1UiOggcropcwtXdZcP0F6ISDHubtqA3owlkaVjP0xVTV3DONoNKUQOLQHM3LYyz2iwDnbb_-r3iKNvuMrh3YgJuZKXs7sEnsSGQUXu0X-9fz1Vvw0IXagdWX9luaVgFSQ1TeoKrd7TWJ4_n9rWZMlYUpwN-KDJ5IT8CPbSqgJ-Z1coJr-tEcyYdSXgzpWspvvkrmlckVJ2yR_gtr9JWS0NMD2v5F6FMMMxwNwDwf_L6H6QcOkTbmi6qkHb6V1LIzg30-GaEte1dVpCmlKyR6H4QR3DCTm3wr6BppmFKxz2FoM-9HvHQ9ZeZ4vl-ADhe9UhTFI3b-QdJA-54tfaLqFdYDc7zBLehnMT3cq1vrdPGMPpmBT0LydNDxBw6wH5N3sr5epBgAjE5brC5vfHs5TQhh4C2eI7gUYyBt0sXSzE7w9OrSpEmWGltzQb0KYhVxB8p670wgkD91-eKDGD9gQBUBLZv-2DIUtyUW486VNGeqX_iJQWvnf0LI0P_lrKeWbPbHnUUhkpw0o-wZ8pfCZ0EIKCts4gsOsEazFysN6fiD1r-1eawFikkxULksSvnJaEgkdaF_3SVZrEtjCrSFGtMPPDvTkg7NbfOwG8EKktluZkV8cjUbTc8jAvIqw2mjUkROB-BHEnckUdxsFixW4HajEbIR50gHXQlqLngfi-M88u5Zwq-uA65SkK8_nj-LmzPs1EBJ2hFUhFnkVHxRTNSVObTACLvlwtHElq6cWIYKIQViBs1qiHS-WKJPTT6Ze_WEvFSicY2tgPQIt2tGfhdxuVuHMbjgUOji4uEZwRX7c6tRi9bSlSky8f3q-rJUzT39pBFS5k6MckpJTCxZEiWfKif3baFxjw9ba-RPjfdNUmim-u2wGgIl13FybFRnlpt6xOWiEkul3IceI0VdfoGKfmK8OZo61WKv8MViMtNdzdI77i_fk

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 62ms
58ms Image
image/gif 2600:1f18:1aca:4282:5259:92bb:11a5:b49e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1878995&asId=ccfa3516-fb8d-cb67-68a4-c49aa4731447&tv=%7Bc:1YsKcw,pingTime:1,time:1655,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:538%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1655,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:537,wc:0.0.1600.1200,ac:436.739.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1141~100%5D,as:%5B1141~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:778,fm:u24Y6dH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1878995-77282216%7C1b1%7C1b2%7C1b31%7C1b4%7C1c1%7C1c21%7C1c3%7C1c4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:540,sis:1549%7D&br=c
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5259:92bb:11a5:b49e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 63ms
59ms Image
image/gif 2600:1f18:1aca:4282:5259:92bb:11a5:b49e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1878995&asId=ccfa3516-fb8d-cb67-68a4-c49aa4731447&tv=%7Bc:1YsKcx,pingTime:1,time:1656,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:538%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1656,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:537,wc:0.0.1600.1200,ac:436.739.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1142~100%5D,as:%5B1142~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:778,fm:u24Y6dH+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b*.1878995-77282216%7C1b1%7C1b2%7C1b31%7C1b4%7C1c1%7C1c21%7C1c3%7C1c4,idMap:1b*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:540,sis:1549%7D&br=c
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5259:92bb:11a5:b49e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:23 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B58D 17 KB
6 KB 110ms
109ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 08:39:23 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4018 0
0 100ms
100ms Fetch
image/gif 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswLKC7qmk7qE6iQR0j_znYiLgfPK1Y2BKkvbbD-Vp6cJrv-Ie2u1ogwGFaxciRp6mxxlf3_bGfavYDOqziNkOsc3I5a6OA9cHZXUyDHFFCNroHuaoHwgUHcU8BAvIcg1VPL6TjByyaLJX-dAOYnRF6uyrOL2CKiwWMNXHilSpx&sai=AMfl-YRTcs9k8YJKSjDmXw5gs9GD9jfRhpZUYotbF_n8856deUNRfarJCvid_yKSVbgqtotKTEbAprtTcOLwyVMOelwN8qxbc7FMKGJ8Xg&sig=Cg0ArKJSzBENXh2c3FXKEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2222&vt=11&dtpt=1601&dett=3&cstd=602&cisv=r20240118.54252&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4018 0
0 100ms
99ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssQWOYOv994-YibiqZsED8DtVSXwL8HkI69IQXSt4LYAhMOoNRxDA408xm5z4JPvDhQebitsi_l6uWC1bhmxZzSY9LWmEUtyXG5Atv2bUW4L2UM9URY2hwx3xaUlc5VkHfXTRASm5vQigOLaE4chz9zPi42cD04qjdm7rY0aRY4HRDtIdETu5DT5IKJlIobbrcRtPpsrro8e5o6u7hk-CXQqncUsEHhYo-aCz7yOHtHkEBeznPrXelWUWuaGGbhTa4GpnySLtXfd5IBEzz0YulAV9bEDvRHUGqasQ2pyo-zZtfexCL43jt1Ku_FOs2JtNgDklZlXPjQpZIDn4Oj7vSkuihEc-SRQSv9dYGHXDGmhej65yu5Ek__YdD0v7mrMj_X76-xfs6d&sai=AMfl-YTvEPoLVoFgdkuPfm18H-0c06n94jK0qFdQwyQHIIK-mr263vnByKXL0FTgXHDwDfL3AKJUb1C44lW2EZ7SLQMMTuYCZncT4PTMpBmr8mR97QJL-eVkeX2hQzTd8W4EmthYBMuGihFmtZE3fhrWzSs&sig=Cg0ArKJSzHH6y0rPBt7NEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 22 Jan 2024 08:39:23 GMT

GET
H3 200 swirl_dots.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 3 KB
3 KB 66ms
65ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/swirl_dots.png?1666372183159

Requested by

Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baadaa49bd2be83b71eb55d9ba0ed37c97ce24c600549a2a0fba6b11133bec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:15:31 GMT
date: Fri, 19 Jan 2024 13:15:31 GMT
x-content-type-options: nosniff
age: 242632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3274
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 RCb0087cb9b745475f8eebfee76311f88a-source.min.js Show response
assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/ 995 B
823 B 74ms
73ms Script
application/x-javascript 2600:141b:1c00:209e::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/bc7de70d4358/RCb0087cb9b745475f8eebfee76311f88a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/2c8c1e17b98c/6ec407d4fefa/launch-9ec3309f596b.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:209e::1e80 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3992dd344f50accf1347ed75b101a0bdd5bead7e7b2c05d5651ddd37c9e74bbd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 18:00:18 GMT
server: AkamaiNetStorage
etag: "bf801b5dda07367e1e3b2e2c47071434:1705514418.423323"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 565
expires: Mon, 22 Jan 2024 09:39:23 GMT

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame A8E2 32 KB
11 KB 92ms
85ms Document
text/html 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/bidexchange.js?cid=8CU66J63J&version=5.1&dn=cffr01.ourmd.store

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

c8d896cffac7f4364a6449c90a8f4ef9938d3258ab5c020e637e3dd3d5d1fed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 10965
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 08:39:23 GMT
expires: Wed, 24 Jan 2024 08:39:23 GMT
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 132ms
130ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401160101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8588838f155895f24ecffcd485a2768c194d01a16b67f386c6df2c23d4933249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12374
x-xss-protection: 0

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame DA9B 565 B
348 B 77ms
75ms Document
text/html 23.56.163.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js

Protocol

Security

QUIC, , AES_256_GCM

Server

23.56.163.9 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.6b24c317.1705912763.4ac2738c
alt-svc: h3=":443"; ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 08:39:23 GMT
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
quic-version: 0x00000001
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 9431064805666455

GET
H3 200 swirl_white.png
s0.2mdn.net/sadbundle/7706539330959380364/images/ Frame 402A 5 KB
5 KB 73ms
66ms Image
image/png 2607:f8b0:4006:81d::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7706539330959380364/images/swirl_white.png?1666372183159

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5db17b9308f7795e58948f0b8bac8b214e2944c8c521c11f3d1dcf086e2cb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7706539330959380364/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 18 Jan 2025 13:21:44 GMT
date: Fri, 19 Jan 2024 13:21:44 GMT
x-content-type-options: nosniff
age: 242260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4731
x-xss-protection: 0
last-modified: Wed, 04 Jan 2023 18:01:15 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 58ms
50ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-3ZVJC9H4TB&gtm=45je41h0v872629505&_p=1705912757480&gcd=11l1l1l1l1&dma=0&cid=745845248.1705912758&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1705912758&sct=1&seg=1&dl=https%3A%2F%2Fcffr01.ourmd.store%2F&dt=WebMD%20-%20Better%20information.%20Better%20health.&_s=2&tfd=7111
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZVJC9H4TB&l=gtagDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cffr01.ourmd.store/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cffr01.ourmd.store
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 76CA 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 02:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 02:35:15 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 60ms
59ms Image
image/gif 2600:1f18:1aca:4282:5259:92bb:11a5:b49e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1878995&asId=ccfa3516-fb8d-cb67-68a4-c49aa4731447&tv=%7Bc:1YsKh2,pingTime:-10,time:1935,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705912764055%7C%7Cfd204a1e42ebe786c7c23e9d19a378bb%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7Cb15a9716dd1044dceb1932dd3e82da34%7C%7Cc66a53e8e0e4dcde3646ed27dfc84425%7C%7C2e67abc21c195343075678a6791dcbdb%7C%7Cf8aae51c5ea56bba33ef42f67fbefed1%7C%7C5517aede98afef83902398dd2296e90b%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:5259:92bb:11a5:b49e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 tracker.min.js Show response
ibclick.stream/assets/js/track/dist/js/v1/ 88 KB
29 KB 360ms
137ms Script
application/javascript 2606:4700:3036::ac43:cadb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Requested by: Host: cffr01.ourmd.store
URL: https://cffr01.ourmd.store/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:cadb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c43985be26e000897fe43ffcfea945dfa23d744be4bae8e25c7fb8886b7c80f

Request headers

Referer: https://cffr01.ourmd.store/
Origin: https://cffr01.ourmd.store
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 06 Jan 2021 04:59:32 GMT
server: cloudflare
etag: W/"161f4-5b83430515500"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbZ0DBHVcJGgg9D7tGa%2BfDylrsrz6lNz31ZlpJYmcnA%2Bmy3hysAoijiA7800iZsgGnS42lWzSuYqauKVMvJO7WqJDHidXZfosierdcO7eepAUxsXn%2FZHr6zC1BBhNrusTP43e8rK%2FqWvC5bJuA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600, must-revalidate
cf-ray: 84967c78efbe7449-MIA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 109ms
109ms Script
text/javascript 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401160101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 22 Jan 2024 08:39:24 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F323 16 KB
6 KB 227ms
65ms Document
text/html 23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://hbx.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=158821
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 22 Jan 2024 08:39:24 GMT
expires: Wed, 24 Jan 2024 04:46:25 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 467D
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

239ms
94ms

Document
text/html

23.46.226.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.226.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-226-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://hbx.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Jan 2024 08:39:24 GMT
ETag: "20524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 22 Jan 2024 08:39:24 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.php
hbx.media.net/ Frame A8E2
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dapx%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fhbx.media.net%252Fcksync.php%253Fcs%253D1%2526vsid%253D3489143581523551000V10%2526type%253Dapx%2526refUrl%253D%2526vid%253D59127641203489...
https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=apx&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=6219948187244556321

57 B
480 B

96ms
95ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=apx&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=6219948187244556321

Requested by

Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=

Protocol

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 08:39:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
an-x-request-uuid: dc43a023-1a4c-4670-a2a2-1b02b661dad5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=apx&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=6219948187244556321
x-proxy-origin: 38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cksync.php
hbx.media.net/ Frame A8E2
Redirect Chain

https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%...
https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=252d85152561126e&is_secure=true&version=1&networkId=57734&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%...
https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=con&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=AAAG_BtrnvC59gNIlPpGAAAAAAA&expiration=1705999164&is_secure=tru...

57 B
488 B

97ms
97ms

Image
image/gif

23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=con&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=AAAG_BtrnvC59gNIlPpGAAAAAAA&expiration=1705999164&is_secure=true&gdpr_consent=&gdpr=0

Requested by

Protocol

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 22 Jan 2024 08:39:24 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:24 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=con&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=AAAG_BtrnvC59gNIlPpGAAAAAAA&expiration=1705999164&is_secure=true&gdpr_consent=&gdpr=0
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

sync
pippio.com/api/ Frame A8E2
Redirect Chain

https://i.liadm.com/s/35002?bidder_id=98250&bidder_uuid=3489143581523551000V10
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=32ee165e-2c50-4403-8d87-7c22c920ef5d
https://p.rfihub.com/cm?pub=39342&in=1&userid=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D0673be3e-32bc-432c...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316570283538814&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D0673be...
https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&pid=500040&it=1&iv=0673be3e-32bc-432c-9d0c-2278fba59975%3A1705912764.6314485&_=170...
https://pippio.com/api/sync?it=1&pid=500040&_=1705912764.6331882&iv=0673be3e-32bc-432c-9d0c-2278fba59975:1705912764.6314485

42 B
570 B

158ms
76ms

Image
image/gif

107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?it=1&pid=500040&_=1705912764.6331882&iv=0673be3e-32bc-432c-9d0c-2278fba59975:1705912764.6314485
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: H2
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Location: https://pippio.com/api/sync?it=1&pid=500040&_=1705912764.6331882&iv=0673be3e-32bc-432c-9d0c-2278fba59975:1705912764.6314485
Date: Mon, 22 Jan 2024 08:39:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 51C5 13 KB
5 KB 67ms
65ms Document
text/html 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 108813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 02:25:51 GMT
expires: Mon, 20 Jan 2025 02:25:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4056 829 B
982 B 88ms
86ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d153cd2c2c13674b730e0206bfd05c737bd8e411ab105303ddd97c15dc870004

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T6IXtz-yS42nawXCm-O-Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-T6IXtz-yS42nawXCm-O-Ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 22 Jan 2024 08:39:24 GMT
expires: Mon, 22 Jan 2024 08:39:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4056 0
0 246ms
245ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401160101&jk=191031758407756&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 51C5 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 02:35:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 02:35:15 GMT

GET
H3 200 ib.html Show response
ibclick.stream/ Frame 4745 191 B
701 B 206ms
131ms Document
text/html 2606:4700:3036::ac43:cadb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/ib.html
Requested by: Host: ibclick.stream
URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:cadb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 619dc4f4ff3223e7507884f55e258b12a2c78a71b53b626cf03b4a1d56b93753

Request headers

Referer: https://cffr01.ourmd.store/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 84967c7a7d1b67c2-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 22 Jan 2024 08:39:24 GMT
last-modified: Wed, 06 Jan 2021 04:56:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IL%2BbYxtA6Xb%2Fq1BodvleZiNRp8PJqnnlPkDe82hXh7em%2BoO6CX0t5vjpICKXWOOsghZuShpLjMVQ7LaKvHUWHJacIT2Em%2BH4xqdxNRrb6z13DVp6kAvO%2Ffx3KmLDXkBEklmKMR5X7SqjqCvkKw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F323 2 KB
2 KB 229ms
64ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38660216&p=156176&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3f10180aa2c0431d5fe7c9c650076f36b74e652e81c91013f6ee398c4a97b086

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 22 Jan 2024 08:39:23 GMT
content-length: 1694
content-type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 51C5 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?973gWA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 tracker.min.js Show response
ibclick.stream/assets/js/track/dist/js/v1/ Frame 4745 88 KB
29 KB 43ms
42ms Script
application/javascript 2606:4700:3036::ac43:cadb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ibclick.stream/assets/js/track/dist/js/v1/tracker.min.js
Requested by: Host: ibclick.stream
URL: https://ibclick.stream/ib.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:cadb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c43985be26e000897fe43ffcfea945dfa23d744be4bae8e25c7fb8886b7c80f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ibclick.stream/ib.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2459
p3p: CP="This site does not have a p3p policy."
alt-svc: h3=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 06 Jan 2021 04:59:32 GMT
server: cloudflare
etag: W/"161f4-5b83430515500"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=376t2viuMhd2Przaz82YMQ0zY7bZUF0YBgWqpASPaUUGSHv1IG6DsI3mh%2BIiLQYhqa4ZbkDs999jgMRW2DVCwi6u1%2F4%2BGrZyLVXAsP53NtMBprjNM66eDKNF0cI%2FmvEutMeUnLCBC2UXhs7prw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600, must-revalidate
cf-ray: 84967c7b6d9167c2-MIA

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 467D 40 KB
11 KB 68ms
68ms Script
text/html 23.46.226.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.46.226.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-46-226-102.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 592527b75a0ebc892d4f4bd1af4deeb16a28a9177557c1de633c749765673635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 22 Jan 2024 08:39:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Jan 2024 17:16:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=31003
Connection: keep-alive
Content-Length: 10962
Expires: Mon, 22 Jan 2024 17:16:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FE2 42 B
64 B 99ms
98ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIp92vycifWUElJ7SqVrgnoQwWcUw_nG-R4qEzLEYYMT8wVn5xpDNX7uci5uHHRtgGBUL7m2mh1anva1ML79mpR9opZEMiBKqptCXeqILSAXHN_gRoQvTiqGDq1ep0IB63OhDVOsxQnF5MQI-QuNQ8DLfVgVDWT-UijBDG0UvnXehpDtXhUZveCTOBkorxCEJsL4fBzYob4FBcTd1UlEWrtA4PlBU8ckOOkfGPO9AmETwcluDdiJy3hw&sai=AMfl-YRmx580V8RJvP5R1Cy2bJIpNd3wqC2ZSRfwdB-LTiiF5H06mkAb4HMn_fx1N7lKxON1ykDRZURaZNgnUqKOeyBrap0xedd6X1NCSliWU5uLZ98un-n0xtCP3utoXvZtVjdehoWGxbzWTEP1gzq3&sig=Cg0ArKJSzC4V4I6_QHL1EAE&id=lidar2&mcvt=1011&p=738,436,828,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20240117&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3282889101&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705912760762&rpt=2932&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm Show response
s.amazon-adsystem.com/ Frame DA4C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

111ms
110ms

Document
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 22 Jan 2024 08:39:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: P2Q0FSGFNRWBH6JC67T5

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 22 Jan 2024 08:39:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: GWYE1BR6AE71XZBD0JH9

GET
H2 200 cksync.php Show response
hbx.media.net/ Frame 71F1 57 B
495 B 87ms
79ms Document
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=pb&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=DBEABD29-FD13-4347-9742-5A604F1F78F7

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 57
content-type: image/gif
date: Mon, 22 Jan 2024 08:39:24 GMT
expires: Mon, 22 Jan 2024 08:39:24 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2: E

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F323
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2-q9Kf0TQ0eXQlpgTx949w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

68ms
66ms

Image
text/html

23.51.57.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 23.51.57.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-13.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
content-encoding: gzip
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=158821
accept-ranges: bytes
content-length: 5622
expires: Wed, 24 Jan 2024 04:46:25 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame F323
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=DBEABD29-FD13-4347-9742-5A604F1F78F7
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aa507ada-247e-4f3b-9002-263cd678f8a0&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%2C%2C

95 B
433 B

53ms
52ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aa507ada-247e-4f3b-9002-263cd678f8a0&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%2C%2C

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=aa507ada-247e-4f3b-9002-263cd678f8a0&ttd_puid=517db243-6627-4068-93fb-dd5e8fe2bb8a%2C%2C
date: Mon, 22 Jan 2024 08:39:24 GMT
server: Kestrel
content-length: 359

GET
H2 403 FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame F323 0
0 205ms
68ms Image
text/html 40.76.134.238
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20DBEABD29-FD13-4347-9742-5A604F1F78F7&rnd=RND
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2

200

xuid
eb2.3lift.com/ Frame F323
Redirect Chain

https://eb2.3lift.com/xuid?mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

63ms
62ms

Image
image/gif

52.223.22.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: afb83dd09526a6517.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 22 Jan 2024 08:39:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7976&xuid=DBEABD29-FD13-4347-9742-5A604F1F78F7&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date: Mon, 22 Jan 2024 08:39:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F323
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=REJFQUJEMjktRkQxMy00MzQ3LTk3NDItNUE2MDRGMUY3OEY3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

303ms
64ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 Jan 2024 08:39:24 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F323
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJFKlABku_GhGq1Q_GqH40&google_cver=1

42 B
347 B

306ms
65ms

Image
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJFKlABku_GhGq1Q_GqH40&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 Jan 2024 08:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIJFKlABku_GhGq1Q_GqH40&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame F323
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=

42 B
541 B

317ms
58ms

Image
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 22 Jan 2024 08:28:50 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=
date: Mon, 22 Jan 2024 08:39:24 GMT
server: Kestrel
content-length: 355

GET
H2 200 DBEABD29-FD13-4347-9742-5A604F1F78F7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F323 43 B
602 B 390ms
61ms Image
image/gif 2600:1f18:4e9:5a01:be9b:992f:e8b1:e17d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/DBEABD29-FD13-4347-9742-5A604F1F78F7?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a01:be9b:992f:e8b1:e17d Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame F323
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=DBEABD29-FD13-4347-9742-5A604F1F78F7&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nyTi_2RE2uUENjc6aqfPGTKWGd7yQVQ-~A&gdpr=0

0
260 B

257ms
65ms

Image
text/plain

162.248.18.34
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nyTi_2RE2uUENjc6aqfPGTKWGd7yQVQ-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Server: 162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nyTi_2RE2uUENjc6aqfPGTKWGd7yQVQ-~A&gdpr=0
date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 467D 7 B
765 B 357ms
58ms XHR
application/json 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

GET
H3 200 csc-event
ibclick.stream/ 37 B
596 B 122ms
121ms Image
image/gif 2606:4700:3036::ac43:cadb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ibclick.stream/csc-event?p=0%3Alrooexl1%3Ae51d4e0b-8742-4dcc-b8c7-323ff6c62f4a&s=0%3Alrooexlb%3A28638b06-d6ee-472a-91ed-828da87b07fb&v=0%3AdxiLUjDtmj6T~l3ooRsncoDlKjBK6vgm&e=0%3AdxiLUjDtmj6T~l3ooRsncoDlKjBK6vgm0&c=lrooexn6&n=f&f=f&l=https%3A%2F%2Fcffr01.ourmd.store%2F&i=18g&j=xc&k=1&w=18g&h=xc&t=pageView&u=(seventText!WebMD%20-%20Better%20information.%20Better%20health.!ssite!webmd.com!svertical!health%20consumer!ssnippetVersion!1.2!strackerJsSha!235fbc5e!ssource!snippet!tcookieEnabled!)&x=-h0ddak
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:cadb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6b3edc43-20ec-4078-bc47-e965dd76b88a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfGNidrLwVO3xAuFZLPGFEsuClpPVaygY4KCvWUhw8RT5KEVf%2BTYai1WZfDyMrgwQItikS%2BO0iXNyhYMVeqbjvr8KAwmJgecwsR2DX%2FXl408XibSwE6lsZ5l%2FLFfxrJtVszFdEaZ7X%2FDKEeYZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
p3p: CP="This site does not have a p3p policy."
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 84967c7cae8967c2-MIA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: Fri, 14 Apr 1995 11:30:00 GMT

GET
H3

200

cksync.php
contextual.media.net/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LROOEXVR-5-E6RS
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LROOEXVR-5-E6RS

57 B
81 B

96ms
95ms

Image
image/gif

23.46.224.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=LROOEXVR-5-E6RS

Requested by

Protocol

Server

23.46.224.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

quic-version: 0x00000001
pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 22 Jan 2024 08:39:25 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Mon, 22 Jan 2024 08:39:25 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=LROOEXVR-5-E6RS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401160101&jk=191031758407756&bg=!JySlJGvNAAa8BdJLnAU7ADQBe5WfOLnhyB8nFTP842v9d7HMSdleJYkUJtsC6T3IXDKlyVhujpG4SM34FdBVUdLXF4RhAgAAAOVSAAAABGgBB5kCuvHP2k6t3OQ6AD6BjdRb72ICgY3S8Zb1CXrjcGd44LvqA8_n6mCDrzlGGPRtmkSXnIEZEB9tnoeePsSMcX2IoE56EZjgOsifD-F6bHjmC8aMqi_jlwTiQXcxFNYsFQcsbQSdCzitcx-H6GuG7KtZ-JdrgQksYfSNi4jUe2Q0MvBFtclrIbhi6TXXZvdhwFBA7AYBo4z5DDq_reifxofLEFt3p0SmFX2YvsFMoHdmwOMPnRQ75VvVScaHq1R-8WbnQ2hgjHQOST36lTUUex-hPoCFJuRJ8O4Sx-zAarZxN3e966Ju-4ihxbaTO5YhUnJqEMgP2B1K4t5E6IEWZpRq6sdhSBnJeEoCecVqOI_7SqJ6deYD_zJ3IYEPqRkEe0TyBBuf2n6bbLdmFdmB80WwNOjKP2nMXCHJIL_XxZ9PDWWYTxlRyUdMUUlai8yvw9rC0wGZGtdL1MjRJ3Hpas2Sg7wXWX8bPVxBDPnLbwFdlja453Krye1FE3amrkI2zm7VRK3C3rHc9_Er6HpST3xrPTNyt9OUlgTTHcDhtyI3Onun-lg2ZpdvHHCrpyKruw625Is_8in2JRkzARiPNFw1SrW2JFVxPCQF-wWsvpvrgk8uEsk_uht3d5FO9XRRc-gMwA99eUQxXxN2PEMWjTtPoAuCOYutJbLKhUEhPD1XIN0XlBxdDEUuls8vb8GgHJlfXMhcg9Q4GOZ_7QRMeA-A7pjlYQx2SLehKWGEsViJIr3xMGmQsXlVFkHkdseO8zXc1VAOn0QXTNBxIHJeGkMXsF_m_x3BYGVOw52PBdnL9raxslsKwI1spPbK6256A-X6YoBFVUCr1qw6O8YP-MOxLvPimejbLUcfzv0DGCClZ0lRBjLOYBU2oA3WT9O6XO-IVnJMni4JmmS4R-3YAT57DMIwSPa9g0Zf2MZJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LROOEXVR-5-E6RS&ex=d-rubiconproject.com&status=ok

43 B
479 B

67ms
65ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LROOEXVR-5-E6RS&ex=d-rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AWHFYE14GF4QQH6YVMBH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LROOEXVR-5-E6RS&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 467D
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFJPT0VYVlItNS1FNlJT
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENGmpzIEtO-pUdeZfTNFnCw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPT0VYVlItNS1FNlJT&google_push=

170 B
188 B

80ms
78ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPT0VYVlItNS1FNlJT&google_push=

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFJPT0VYVlItNS1FNlJT&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 467D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKROnmTI8L38iArxZoe_-bA&google_cver=1

42 B
831 B

151ms
58ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKROnmTI8L38iArxZoe_-bA&google_cver=1
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKROnmTI8L38iArxZoe_-bA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 467D
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=&expires=30

42 B
831 B

112ms
58ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 961e708718863ce5d2a91761d33d869a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=aa507ada-247e-4f3b-9002-263cd678f8a0&gdpr=0&gdpr_consent=&expires=30
date: Mon, 22 Jan 2024 08:39:25 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 467D
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UFIuCL3TQn6ZJykGY5speA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UFIuCL3TQn6ZJykGY5speA

43 B
479 B

74ms
66ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UFIuCL3TQn6ZJykGY5speA

Requested by

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 3R21ST3QQZ023YCC5ZP0
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UFIuCL3TQn6ZJykGY5speA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 467D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LROOEXVR-5-E6RS

0
731 B

185ms
100ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LROOEXVR-5-E6RS
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:24 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E86EB79DD2324AC98A93492EBE8DB17C Ref B: MIAEDGE1616 Ref C: 2024-01-22T08:39:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPhMRpI/vEoP4+STcqJg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LROOEXVR-5-E6RS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 467D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2MDVjYjdkNzUyODQwZjc0Mzg1NzMzMGMxMzY1NGZiYzNmZGUwNw

170 B
188 B

83ms
81ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2MDVjYjdkNzUyODQwZjc0Mzg1NzMzMGMxMzY1NGZiYzNmZGUwNw

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Zjc2MDVjYjdkNzUyODQwZjc0Mzg1NzMzMGMxMzY1NGZiYzNmZGUwNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 467D 43 B
855 B 520ms
218ms Image
image/gif 67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: V8FB9QNFA5EEXY6ZAKF2
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 467D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/DWQaiMZUNi56X41aydY2DQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v7WVW05E2oLUgVZS53vo8lu4MfByXy4sut7H_w--~A

42 B
831 B

62ms
58ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v7WVW05E2oLUgVZS53vo8lu4MfByXy4sut7H_w--~A
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CU66J63J&cs=1&cv=37&hb=1&vsSync=1&prvid=3%2C23%2C29%2C54%2C77%2C79%2C96%2C97%2C107%2C108%2C126%2C226%2C229%2C262%2C296%2C326%2C327%2C338%2C339%2C344%2C345%2C351%2C374%2C440%2C441%2C455%2C459%2C461%2C550%2C2043%2C3003%2C3012%2C3016%2C3030%2C3053%2C3054&refUrl=&gdpr=0&gdprconsent=0&gdprstring=&usp_status=0&usp_consent=1&uspstring=&axid_e=&coppa=0&ckdel=0&gpp=&gpp_sid=
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 961e708718863ce5d2a91761d33d869a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-v7WVW05E2oLUgVZS53vo8lu4MfByXy4sut7H_w--~A
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 467D
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEKWU7LXFMAABOuyHQzsg&expires=30

42 B
831 B

58ms
57ms

Image
image/gif

8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEKWU7LXFMAABOuyHQzsg&expires=30
Protocol: HTTP/1.1
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAEKWU7LXFMAABOuyHQzsg&expires=30
Date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
capi.connatix.com/us/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=19564
https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy=
https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true

82 B
82 B

87ms
86ms

Image
image/gif

104.18.41.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol: H2
Server: 104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84967c81d9508db5-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 22 Jan 2024 08:39:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
location: https://capi.connatix.com/us/pixel?puid=LROOEXVR-5-E6RS&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 84967c8148ff8db5-MIA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 467D
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LROOEXVR-5-E6RS

95 B
124 B

55ms
54ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LROOEXVR-5-E6RS

Requested by

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

Location: https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LROOEXVR-5-E6RS
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b08401febecfa1b1a0c0270265f29df4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS
https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS&dnr=1

43 B
663 B

68ms
67ms

Image
image/gif

63.251.86.50
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS&dnr=1
Protocol: HTTP/1.1
Server: 63.251.86.50 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LROOEXVR-5-E6RS&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2dca1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LROOEXVR-5-E6RS
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS&ckls=true&ci=oLeRpEvH0f&nc=false&trid=-1975472926

43 B
1 KB

231ms
76ms

Image
image/gif

18.173.219.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS&ckls=true&ci=oLeRpEvH0f&nc=false&trid=-1975472926
Protocol: H2
Server: 18.173.219.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-5.jfk52.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:26 GMT
via: 1.1 db3aadb774ec5a569953130c5f0264d0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: Cp3fG2XAoUwuJJnfvZWL9EK6lZJajZ7dGvjoIw_ypdd7qWMcJWY9ng==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Jan 2024 08:39:26 GMT
via: 1.1 3087aea10f3b11e0dd724415f9afc740.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LROOEXVR-5-E6RS&ckls=true&ci=oLeRpEvH0f&nc=false&trid=-1975472926
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: bWYiOUZ5dF4GNpoLJI5hPetL_1Tpwbogqkr9BaUYeQ3veRio8H_5eA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LROOEXVR-5-E6RS

0
449 B

245ms
68ms

Image
text/plain

147.75.195.55
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LROOEXVR-5-E6RS
Protocol: H2
Server: 147.75.195.55 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LROOEXVR-5-E6RS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 467D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LROOEXVR-5-E6RS

68 B
280 B

215ms
59ms

Image
image/png

52.71.125.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LROOEXVR-5-E6RS
Protocol: H2
Server: 52.71.125.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-125-247.compute-1.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 08:39:25 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LROOEXVR-5-E6RS
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 961e708718863ce5d2a91761d33d869a
Expires: 0

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame 6E4A 0
299 B 121ms
46ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=29799932d24b4574a3d8cef06d0bfe5e&flavor=0&gdpr=&gdpr_consent=&ee_dp_isom=1&pltm=1&ee_dp_btreg=6494257801138458794120&ee_dp_btros_64=3&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_btros_32=0&ee_dp_btros_8192=3&ee_dp_asmm=1&vdur=467&eoid=27&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5256&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=78&tetms=13&msltms=157&vltms=467&sei=290&vetms=150&tuviims=238&tuviems=855&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=6&sim=3&mascid=29799932d24b4574a3d8cef06d0bfe5e&msrcanlm=392&msrcannum=3&ee_dp_tmads=3164&ismms=1661&isumms=1661&nvr=2&isgmmims=1661&isgmv4mims=1661&elmtp=1&isbxdms=3069&b0=1613&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=1613&sftb=1613&msrdp=3&naral=128&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=1660&dvp_hdnAd=0&dvp_dpr=1&vstsz=758&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3668
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cffr01.ourmd.store
Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-01-21T08:39:25

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame C99B 0
299 B 118ms
47ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=adac8037ffab4b208cd2fc0050fff1c0&flavor=0&gdpr=&gdpr_consent=&ee_dp_isom=1&pltm=1&ee_dp_btreg=6478994126138460198049&ee_dp_btros_64=3&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_btros_32=0&ee_dp_btros_8192=3&ee_dp_asmm=1&vdur=364&eoid=26&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5256&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=17&msltms=156&vltms=364&sei=290&vetms=154&tuviims=247&tuviems=765&engms=1&engisel=1&ee_dp_ddtes=1&dvp_dtcov=2&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=3129&ismms=1548&isumms=1547&nvr=6&isgmmims=1548&isgmv4mims=1548&elmtp=1&isbxdms=3049&b11=1749&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=1749&sftb=1749&msrdp=4&naral=128&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=2362&isuiabvms=2362&isgmpims=1547&isgmv4dpims=2362&ispmxpms=2362&engalms=1547&dvp_hdnAd=0&dvp_dpr=1&vstsz=758&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3542
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cffr01.ourmd.store
Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-01-21T08:39:25

POST
H/1.1 204
No Content event.png
tpsc-ue1.doubleverify.com/ Frame BDEB 0
299 B 48ms
47ms Ping
text/plain 34.117.228.201
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ue1.doubleverify.com/event.png?impid=f6f0377f6a804794b3120623e50e2028&flavor=0&gdpr=&gdpr_consent=&ee_dp_isom=1&pltm=1&ee_dp_btreg=574723951&ee_dp_btros_64=0&ee_dp_csc=1&ee_dp_cspf=1&ee_dp_btros_32=0&vdur=59&eoid=25&te_strt=1&te_init=7&te_sup=0&te_exec=0&msrjs=5256&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=78&tetms=19&msltms=106&vltms=59&sei=290&vetms=181&tuviims=208&tuviems=448&engms=1&engisel=1&ee_dp_ddtes=1&mascid=29799932d24b4574a3d8cef06d0bfe5e&dvp_dtcov=6&sadv=5221123576&ord=3290882848&litm=6494257801&scrt=138458794120&splc=%2F4312434%2Fconsumer%2Fwebmd%2Fhp-conwbmd&adu=25989674&spos=141&sim=3&ee_dp_asmm=1&msrcanlm=394&msrcannum=3&ee_dp_tmads=2356&ismms=132&isumms=132&nvr=2&isgmmims=132&isgmv4mims=132&elmtp=1&isbxdms=2344&b0=2436&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2436&sftb=2436&msrdp=2&naral=130&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=131&dvp_hdnAd=0&dvp_dpr=1&vstsz=759&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3254
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5256.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 201.228.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cffr01.ourmd.store/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cffr01.ourmd.store
Pragma: no-cache
Date: Mon, 22 Jan 2024 08:39:25 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2024-01-21T08:39:25

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame F323 0
260 B 194ms
58ms Script
text/plain 8.28.7.84
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156176&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 21:19:59 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame F323 2 KB
2 KB 67ms
66ms Script
text/html 104.36.115.113
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=10224991&p=156176&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 78a5585573de01f147981f5f665d46fc10f68fcb774422ac63e425266fb03cdf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 22 Jan 2024 08:39:26 GMT
content-length: 1668
content-type: text/html; charset=UTF-8

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C581
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6219948187244556321&gdpr=0&gdpr_consent=

42 B
297 B

58ms
58ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6219948187244556321&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 22 Jan 2024 08:39:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 0ac308c5-a942-47af-b338-d4b97ffd3a43
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 08:39:27 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6219948187244556321&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.23.4
x-proxy-origin: 38.132.118.67; 38.132.118.67; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B0C3
Redirect Chain

https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c12ac65c-b901-11ee-a1f9-513fff588743

42 B
322 B

59ms
58ms

Document
image/gif

8.28.7.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c12ac65c-b901-11ee-a1f9-513fff588743
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sun, 21 Jan 2024 20:44:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
content-type: image/gif
date: Mon, 22 Jan 2024 08:39:28 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=c12ac65c-b901-11ee-a1f9-513fff588743
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: lga-delivery-6

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 4D76
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFS1dVN0xYRk1BQUJPdXlIUXpzZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partneruserid=AAEKWU7LXFMAABOuyHQzsg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csyn%252C...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csyn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1178057023864063987&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?ev=AAEKWU7LXFMAABOuyHQzsg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1178057023864063987%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1178057023864063987&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=A...
https://sync.technoratimedia.com/services?uid=AAEKWU7LXFMAABOuyHQzsg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1178057023864063987%26gdpr%3D0%26gdpr%3D0%...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1178057023864063987&gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEKWU7LXFMAABOuyHQzsg&gdpr=0

42 B
279 B

65ms
65ms

Document
image/gif

162.248.18.37
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEKWU7LXFMAABOuyHQzsg&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 22 Jan 2024 08:39:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Mon, 22 Jan 2024 08:39:28 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEKWU7LXFMAABOuyHQzsg&gdpr=0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 8E5C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

61ms
60ms

Document
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za4pvwAQV-WsvgBH
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156176&userIdMacro=PM_UID&predirect=https%3A%2F%2Fhbx.media.net%2Fcksync.php%3Fcs%3D1%26vsid%3D3489143581523551000V10%26type%3Dpb%26refUrl%3D%26vid%3D59127641203489143581523551000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 22 Jan 2024 08:39:27 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760034-MIA
x-timer: S1705912768.932645,VS0,VE27

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 22 Jan 2024 08:39:27 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=Za4pvwAQV-WsvgBH
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mia-kmia1760034-MIA
x-timer: S1705912768.861380,VS0,VE26

GET
H2 200 cksync.php Show response
hbx.media.net/ Frame AF86 57 B
495 B 79ms
79ms Document
image/gif 23.199.48.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/cksync.php?cs=1&vsid=3489143581523551000V10&type=pb&refUrl=&vid=59127641203489143581523551000V10&axid_e=&ovsid=DBEABD29-FD13-4347-9742-5A604F1F78F7

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS