urlscan.io logo urlscan.io
SecurityTrails logo

medworm.com Open in urlscan Pro
45.157.179.87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimaging.com%2Findex.php%...
Effective URL: https://medworm.com/
Submission: On January 11 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 13 domains to perform 51 HTTP transactions. The main IP is 45.157.179.87, located in and belongs to NETCUP-AS netcup GmbH, DE. The main domain is medworm.com.
TLS certificate: Issued by R3 on December 17th 2020. Valid for: 3 months.
This is the only time medworm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 45.157.179.87 197540 (NETCUP-AS...)
4 23.111.9.35 33438 (HIGHWINDS2)
3 2a00:1450:400... 15169 (GOOGLE)
5 104.108.144.24 16625 (AKAMAI-AS)
2 104.22.52.65 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
2 2.16.177.115 20940 (AKAMAI-ASN1)
3 104.76.200.23 16625 (AKAMAI-AS)
7 100.24.200.179 14618 (AMAZON-AES)
1 2600:1f18:42d... 14618 (AMAZON-AES)
1 52.52.52.5 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
51 17
9    45.157.179.87 (None, )

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: medworm.com
www.medworm.com
medworm.com
4    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
3    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
www.googletagservices.com
5    104.108.144.24 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    104.22.52.65 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
partner.googleadservices.com
2    2.16.177.115 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-177-115.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
3    104.76.200.23 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-23.deploy.static.akamaitechnologies.com
lg3.media.net
7    100.24.200.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-200-179.compute-1.amazonaws.com
dt.clnmde.com
1    2600:1f18:42df:3a01:212:695a:6398:d43a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt6.clnmde.com
1    52.52.52.5 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-52-5.us-west-1.compute.amazonaws.com
navvy.media.net
2    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
8 medworm.com 1 redirects medworm.com
7 dt.clnmde.com pxlclnmdecom-a.akamaihd.net
medworm.com
6 pagead2.googlesyndication.com medworm.com
pagead2.googlesyndication.com
5 contextual.media.net medworm.com
contextual.media.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 use.fontawesome.com medworm.com
use.fontawesome.com
3 lg3.media.net medworm.com
contextual.media.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
pxlclnmdecom-a.akamaihd.net
2 www.google-analytics.com medworm.com
www.google-analytics.com
1 navvy.media.net contextual.media.net
1 dt6.clnmde.com medworm.com
1 c.statcounter.com www.statcounter.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.statcounter.com medworm.com
1 www.medworm.com 1 redirects
51 20

This site contains no links.

Subject Issuer Validity Valid
medworm.com
R3		 2020-12-17 -
2021-03-17		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2020-02-25 -
2021-05-26		 a year crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.clnmde.com
Amazon		 2020-06-04 -
2021-07-04		 a year crt.sh
dt6.clnmde.com
Amazon		 2020-04-27 -
2021-05-27		 a year crt.sh

This page contains 8 frames:

Primary Page: https://medworm.com/
Frame ID: B0B3C1417B5AC5104B7EA3746822CB7E
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: C482C30DEECB7F817541915CB1AF6754
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&adk=1812271804&adf=3025194257&lmt=1610380950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmedworm.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610380950056&bpp=17&bdt=190&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2282868437192&frm=20&pv=2&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=106
Frame ID: 22ADD03FD2C19CDE79E15963ED607456
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&h=90&slotname=3297554054&adk=3628710515&adf=4175546147&pi=t.ma~as.3297554054&w=728&lmt=1610380950&psa=0&format=728x90&url=https%3A%2F%2Fmedworm.com%2F&flash=0&wgl=1&dt=1610380950073&bpp=4&bdt=207&idt=140&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2282868437192&frm=20&pv=1&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1Zk1jeBj7N&p=https%3A//medworm.com&dtd=144
Frame ID: 6393D84DB193B83FC17A77DDC7E5657E
Requests: 1 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: E0203B31B78BD94E32D3BB39FD7C7CB9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Frame ID: 2D500A42ACE1CC4E317611A9474461B5
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/4a/nrrV67306.js
Frame ID: 1908EA828590D83F23B69D658111E513
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: B671F929424E44BDADC170DC137AD1C8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimag... HTTP 301
    https://medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimag... HTTP 302
    https://medworm.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /react.*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

51
Requests

100 %
HTTPS

44 %
IPv6

13
Domains

20
Subdomains

17
IPs

6
Countries

619 kB
Transfer

1569 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimaging.com%2Findex.php%3Foption%3Dcom_articles%26view%3Darticle%26id%3D24613%3Amayo-physicians-use-novel-mri-guided-ablation-technique%26division%3Dhiit HTTP 301
    https://medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimaging.com%2Findex.php%3Foption%3Dcom_articles%26view%3Darticle%26id%3D24613%3Amayo-physicians-use-novel-mri-guided-ablation-technique%26division%3Dhiit HTTP 302
    https://medworm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
medworm.com/
Redirect Chain
  • http://www.medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimaging.com%2Findex.php%3Foption%3Dcom_articles%26view%3Darticle%26id%3D24613%3Amayo-physicians-use-no...
  • https://medworm.com/index.php?rid=4080160&cid=d_7_37_f&fid=37999&url=http%3A%2F%2Fwww.healthimaging.com%2Findex.php%3Foption%3Dcom_articles%26view%3Darticle%26id%3D24613%3Amayo-physicians-use-novel...
  • https://medworm.com/
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PHP/7.2.34 PleskLin
Resource Hash
4d7382f15f657d1cdfd349847a0547907239f6cd93484ae51f230c63f0986630

Request headers

:method
GET
:authority
medworm.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=qeflcirtmtk3cl9pa4b0t75koc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 11 Jan 2021 16:02:29 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.34 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-cache-status
BYPASS

Redirect headers

server
nginx
date
Mon, 11 Jan 2021 16:02:29 GMT
content-type
text/html; charset=UTF-8
location
https://medworm.com/
x-powered-by
PHP/7.2.34 PleskLin
set-cookie
PHPSESSID=qeflcirtmtk3cl9pa4b0t75koc; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-cache-status
BYPASS
styles.css
medworm.com/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medworm.com/styles.css
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
3ed268ea6ba5f34352002d69c6435e5cba9d2a948a0aff35e3db7169e34bed99

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
last-modified
Sat, 01 Jul 2017 15:30:15 GMT
server
nginx
x-powered-by
PleskLin
etag
"5957c007-9b0"
content-type
text/css
accept-ranges
bytes
content-length
2480
new1.css
medworm.com/images/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medworm.com/images/new1.css
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
c7312933d6723e46be987da13dd5e64993fec8188930a2cd4db82d1860812528

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
last-modified
Wed, 07 Nov 2018 13:30:50 GMT
server
nginx
x-powered-by
PleskLin
etag
"5be2e90a-1208"
content-type
text/css
accept-ranges
bytes
content-length
4616
a4ca5a4bbd.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/a4ca5a4bbd.js
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
68f93e5606c54d1f4942edad7408324e00601ce68c47325ed374dc3497afe9dc

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
content-encoding
gzip
last-modified
Sun, 28 Aug 2016 19:01:31 GMT
server
NetDNA-cache/2.2
x-amz-request-id
8F1172BE24BCC67C
etag
W/"c9d4cb2107e780a216d18055c910b71e"
x-cache
HIT
content-type
text/javascript
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
lGpL/ed33YOCXm/oYyDwJ+uwgFlf2RXhuJcoZwIhvkbZur+ju+n2c7KT++KEguUDJbWBwqQf03Q=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c55f085dd30b7f07b3b0d2d40bf36e6f226750d16cbb7ed75d0e29dc84f93c8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47053
x-xss-protection
0
server
cafe
etag
2243074958797800702
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 11 Jan 2021 16:02:29 GMT
rss.png
medworm.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medworm.com/images/rss.png
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
efe269e45f1ffdb8dfe229406efd6e40f76334c1de0df6fa88e24ac6e0da409b

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
last-modified
Fri, 16 Sep 2016 13:12:55 GMT
server
nginx
x-powered-by
PleskLin
etag
"57dbefd7-1117"
content-type
image/png
accept-ranges
bytes
content-length
4375
MedWorm-Logo.png
medworm.com/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medworm.com/images/MedWorm-Logo.png
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
4449aead8e7d02668e75081eda92968f03a04131f69c66d4bb0579bbd6464582

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
last-modified
Mon, 03 Oct 2016 21:01:36 GMT
server
nginx
x-powered-by
PleskLin
etag
"57f2c730-2e87"
content-type
image/png
accept-ranges
bytes
content-length
11911
spacer.gif
medworm.com/images/ 		68 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medworm.com/images/spacer.gif
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
687e9528ef35e3dc4175d687537a36f4618840ed49e170e6842bb67db00d3a93

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:29 GMT
last-modified
Fri, 16 Sep 2016 13:12:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"57dbefd8-44"
content-type
image/gif
accept-ranges
bytes
content-length
68
nmedianet.js
contextual.media.net/ 		434 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUXICYFR
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c65ac85a2c932e845047ecc6a162ee015cd8e9cf26879f9b8ad6f8e4a9f8f70
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-mnt-h
10-9
content-encoding
gzip
server
Apache
etag
"22b7955c324f201b830c01d1b2450a5d"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Mon, 11 Jan 2021 16:02:30 GMT
strict-transport-security
max-age=604800
x-mnt-w
8-4
expires
Mon, 11 Jan 2021 16:07:30 GMT
counter.js
www.statcounter.com/counter/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d219257c7a07d8a54eeb282f6722fb87323962b98f8cd0841d966811f369e62

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Jan 2021 11:20:59 GMT
server
cloudflare
age
15987
etag
W/"5ff8401b-981d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
60ffdcc9cc2423c7-ZRH
cf-request-id
0793c8521b000023c77236a000000001
expires
Mon, 11 Jan 2021 23:36:03 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2577
date
Mon, 11 Jan 2021 15:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Mon, 11 Jan 2021 17:19:32 GMT
medworm.woff
medworm.com/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://medworm.com/fonts/medworm.woff
Requested by
Host: medworm.com
URL: https://medworm.com/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.157.179.87 -, , ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
medworm.com
Software
nginx / PleskLin
Resource Hash
f8c17b0b0c69de2d6f200dd36434b0a968e1d9c7fdad842bf93a29d7c1fe6896

Request headers

Origin
https://medworm.com
Referer
https://medworm.com/styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
last-modified
Sat, 01 Jul 2017 15:29:26 GMT
server
nginx
x-powered-by
PleskLin
etag
"5957bfd6-1e5c"
content-type
font/woff
accept-ranges
bytes
content-length
7772
a4ca5a4bbd.css
use.fontawesome.com/ 		1 KB
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/a4ca5a4bbd.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/a4ca5a4bbd.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7039d077eca330ebbce9e8f4c3145eb4a2cef1c0aeb1dd141b405732270145a1

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
last-modified
Sun, 28 Aug 2016 19:01:31 GMT
server
NetDNA-cache/2.2
x-amz-request-id
3CF055EFD3B64100
etag
W/"5a158c8b1aa439f22f86d71ca0e03e51"
x-cache
HIT
content-type
text/css
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
AAgbSgP/7flcHpI/cMWIdkvh8gTZ4OmZgww8XQnSCokPCNqGG0YC88qXAg7B133oX27IMnubHdk=
collect
www.google-analytics.com/j/ 		4 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1078687341&t=pageview&_s=1&dl=https%3A%2F%2Fmedworm.com%2F&ul=en-us&de=UTF-8&dt=MedWorm%3A%20Medical%20Search%20Engine%20and%20RSS%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=950925945&gjid=1302354794&cid=1052155703.1610380950&tid=UA-595498-1&_gid=1211742245.1610380950&_r=1&_slc=1&z=63865445
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 11 Jan 2021 16:02:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://medworm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		234 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
89527
x-xss-protection
0
server
cafe
etag
1810063338415286733
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Jan 2021 16:02:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame C482 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medworm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 11 Jan 2021 12:24:21 GMT
expires
Mon, 25 Jan 2021 12:24:21 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
13089
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/a4ca5a4bbd.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

Referer
https://use.fontawesome.com/a4ca5a4bbd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2016 16:47:01 GMT
server
NetDNA-cache/2.2
etag
W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
collect
stats.g.doubleclick.net/j/ 		1 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-595498-1&cid=1052155703.1610380950&jid=950925945&gjid=1302354794&_gid=1211742245.1610380950&_u=IEBAAEAAAAAAAC~&z=1237048953
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 11 Jan 2021 16:02:30 GMT
content-type
text/plain
access-control-allow-origin
https://medworm.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/a4ca5a4bbd.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://medworm.com
Referer
https://use.fontawesome.com/a4ca5a4bbd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
last-modified
Thu, 12 May 2016 16:47:01 GMT
server
NetDNA-cache/2.2
etag
W/"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
cookie.js
partner.googleadservices.com/gampad/ 		201 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=medworm.com&callback=_gfp_s_&client=ca-pub-5993214362050732
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
61ba311a9e83f31ff92e118b7fe5b7591f98eb0529c1a7fc70cec949d50e7034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=medworm.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=medworm.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 22AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&adk=1812271804&adf=3025194257&lmt=1610380950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmedworm.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610380950056&bpp=17&bdt=190&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2282868437192&frm=20&pv=2&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=106
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&adk=1812271804&adf=3025194257&lmt=1610380950&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmedworm.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610380950056&bpp=17&bdt=190&idt=85&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2282868437192&frm=20&pv=2&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=106
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medworm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 11 Jan 2021 16:02:30 GMT
server
cafe
content-length
38230
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 11-Jan-2021 16:17:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 11 Jan 2021 16:02:30 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1609936916402840"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28340
x-xss-protection
0
expires
Mon, 11 Jan 2021 16:02:30 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUXICYFR
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUXICYFR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-115.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
a2d7c317a5b09b3627c6aa263605f845a2cf418a3b3b0397ae5f23affba590ea

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 11 Jan 2021 16:02:30 GMT
Content-Encoding
gzip
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=1800
Connection
keep-alive
Content-Length
33696
Expires
Mon, 11 Jan 2021 16:32:30 GMT
fcmain.js
contextual.media.net/1017354394/ 		86 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/1017354394/fcmain.js?&gdpr=0&cid=8CUXICYFR&cpcd=BQbcylbndddUBISzWCMcZQ%3D%3D&crid=440727326&size=970x250&cc=CH&https=1&vif=1&requrl=https%3A%2F%2Fmedworm.com%2F&nse=5&vi=1610380950638584290&lw=1&ugd=4&nb=1&cb=window._mNDetails.initAd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUXICYFR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
98b7162c1898e9c94aa68f3fc7a4cc2ffc7b6e33346059fe6cfc941f83ff756f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
x-mnt-hl2
12-18
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300
date
Mon, 11 Jan 2021 16:02:30 GMT
x-mnt-w
10-3, 10-16
content-length
25051
expires
Mon, 11 Jan 2021 16:07:30 GMT
bping.php
lg3.media.net/ 		35 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?&gdpr=0&prid=8PRHGG6T9&cid=8CUXICYFR&crid=440727326&vi=1610380950638584290&ugd=4&lf=6&cc=CH&sc=ZH&wsip=2886780939&r=1610380950208&requrl=https%3A%2F%2Fmedworm.com%2F&vgd_l2type=setting&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_uspa=0&hvsid=00001610380950202031140535074716&gdpr=0&vgd_end=1
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Mon, 11 Jan 2021 16:02:30 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 11 Jan 2021 16:02:30 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6393 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&h=90&slotname=3297554054&adk=3628710515&adf=4175546147&pi=t.ma~as.3297554054&w=728&lmt=1610380950&psa=0&format=728x90&url=https%3A%2F%2Fmedworm.com%2F&flash=0&wgl=1&dt=1610380950073&bpp=4&bdt=207&idt=140&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2282868437192&frm=20&pv=1&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1Zk1jeBj7N&p=https%3A//medworm.com&dtd=144
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9390446438867674558/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9390446438867674558/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPc98OglO4CFeZjFQgdd0UMaA&gqi=lnb8X_mCDt-O1fAPx6q1qAI&layout=/sadbundle/%24csp%253Der3%24/9390446438867674558/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5993214362050732&output=html&h=90&slotname=3297554054&adk=3628710515&adf=4175546147&pi=t.ma~as.3297554054&w=728&lmt=1610380950&psa=0&format=728x90&url=https%3A%2F%2Fmedworm.com%2F&flash=0&wgl=1&dt=1610380950073&bpp=4&bdt=207&idt=140&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2282868437192&frm=20&pv=1&ga_vid=1052155703.1610380950&ga_sid=1610380950&ga_hid=1078687341&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=28&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769&oid=3&pvsid=2970689819206604&pem=155&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1Zk1jeBj7N&p=https%3A//medworm.com&dtd=144
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medworm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9390446438867674558/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9390446438867674558/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COPc98OglO4CFeZjFQgdd0UMaA&gqi=lnb8X_mCDt-O1fAPx6q1qAI&layout=/sadbundle/%24csp%253Der3%24/9390446438867674558/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 11 Jan 2021 16:02:30 GMT
server
cafe
content-length
29728
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 11-Jan-2021 16:17:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 11 Jan 2021 16:02:30 GMT
cache-control
private
t.php
c.statcounter.com/ 		162 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?u1=3BC70CCF00994FC356988D167FF40162&sc_project=4264955&java=1&security=93586b13&sc_snum=1&sess=cbf91c&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//medworm.com/&t=MedWorm%3A%20Medical%20Search%20Engine%20and%20RSS%20News&invisible=1&sc_rum_e_s=586&sc_rum_e_e=590&sc_rum_f_s=0&sc_rum_f_e=443&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.52.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29be77b3ae2329ce0df1193166533ae96ff9ee1b763b0523afe388b04e1bb8ed

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
60ffdccb0f7223c7-ZRH
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
https://medworm.com
access-control-allow-credentials
true
content-type
application/json
cf-request-id
0793c852e2000023c7620f7000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame E020 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUXICYFR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.177.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-177-115.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash

Request headers

Host
pxlclnmdecom-a.akamaihd.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://medworm.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

Content-Type
text/html; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Cache-Control
max-age=1800
Expires
Mon, 11 Jan 2021 16:32:30 GMT
Date
Mon, 11 Jan 2021 16:02:30 GMT
Content-Length
3752
Connection
keep-alive
ptmdP
dt.clnmde.com/ 		7 B
329 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dt.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUXICYFR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
cenw.js
dt.clnmde.com/ 		36 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dt.clnmde.com/cenw.js?identifier=bafp
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUXICYFR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e2e1d3a47521b035dbaa79d9c161cd2e5455976cb0c72e9f776844da277432f2

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"24-Di28txrqw17rSF3CNJHAEg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
ptmdDual
dt6.clnmde.com/ 		70 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22161038095036831728757807%22%2C%22za%22%3A1%2C%22gcd%22%3A1610380950383%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:42df:3a01:212:695a:6398:d43a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jan 2021 16:02:30 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
53263
x-xss-protection
0
server
cafe
etag
8848748755015014073
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Jan 2021 16:02:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 2D50 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20201203/r20190131/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medworm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnPPCBvfMjJTsMb5nCS_bv_efkTv8OXD6ujmEuFdDqKh0TNksR6ozpiU67_; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 10 Jan 2021 21:20:41 GMT
expires
Sun, 24 Jan 2021 21:20:41 GMT
content-type
text/html; charset=UTF-8
etag
10723747146953794269
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4923
x-xss-protection
0
age
67309
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
ptmd
dt.clnmde.com/ 		70 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.clnmde.com/ptmd?t=161038095036831728757807_N4IgxmAWDWIFwG0QBZkAYDsAmDBmLAbCALoA0IADgJYAmALvEmieQE4CmAZgKqsA2DRCBYgAzqzC8BjEJDp0KogKS4AgkqwAxDZoC27GgHcA9q10A6MMd06RAN1EB9WoIQA7AK58+ZWQ+f0MmjBaACMBKFouAAcaACcAKxoWMlRoaHoCbhJGMgY4SJgHqJ0Aa4g0QDC3AAaAJKVAJqaAEqFrHYywAA6KOjYeIS9cD0gdACeFOzDvWCsAb2kvXZUC-C94ZEx8UkEMQnRyFhxaIu9kP60MyAhYRFRsYmpKbjpmdmYeeG9AL4-Im4AIaMI5xZBxAjYAjIUihXDoaIYKJxUhZYKHaK4NC+IGieDHchUQG6RjYwmAvFwaLkAAenHgNwInFCYGONAARlhWRgDlh2OzcOzYshmVgEnscMxaZxBBVcOwCOw4nF2Zx0OzcgQsLhOGBsnDODQ0GAEicsDQQITOnA0OYEuQSoC6MUQaRcLg3TDsm6CG6MG7qbgUQSsbC4r4AF7AuChcgUADmDM65HYbmtlEtIHjkAZmweOyiBExoWwiISGFiGEzdEpIAyx0ryC1CQOmYcDII5ltuHymcBfHgHpAuvgAFpYyB2HQqPA89sng66ImbQ7YHA6-d50lHJEcNDohlkAlkJn2FQKLnoglzKFxTeeTfXqePNGJx4ZyvJ3YB4hQED9Ay7K0DQ7DzLQmY0E60agEBNAgWBFpwJ43jkCsAS5pujy7PshzHMwfy+KIfAlBhWxYVEWSZnw9Ixqhqzgeuc7kXsV64ScmZFCU6HrlUtQNM0bTkPGYCzphBYLiAACO7CzuQnAflgPxAA
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jan 2021 16:02:31 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
nrrV67306.js
contextual.media.net/4a/ Frame 1908 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/4a/nrrV67306.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUXICYFR
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64f988d716443cf2b32e01fd9ec3937018a487abfc0c4d6c997c85d23de09c56
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
max-age=2592000
strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
etag
"37d86d246a11feb96ff9459d78021a0b"
vary
Accept-Encoding
x-mnet-h
10-3
content-type
text/javascript; charset=utf-8
cache-control
max-age=1209600
date
Mon, 11 Jan 2021 16:02:31 GMT
content-length
30659
expires
Mon, 25 Jan 2021 16:02:31 GMT
1x1.gif
contextual.media.net/__media__/pics/800028474/ Frame 1908 		42 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/__media__/pics/800028474/1x1.gif
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:31 GMT
last-modified
Mon, 04 Jun 2018 10:04:19 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=608543
accept-ranges
bytes
content-length
42
expires
Mon, 18 Jan 2021 17:04:54 GMT
truncated
/ Frame 1908 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1908 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
bullet13.woff
contextual.media.net/__media__/fonts/bullet13/ Frame 1908 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/bullet13/bullet13.woff
Requested by
Host: medworm.com
URL: https://medworm.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Origin
https://medworm.com
Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:31 GMT
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
1692
expires
Tue, 12 Jan 2021 16:02:31 GMT
bql.php
lg3.media.net/ Frame 1908 		15 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?&vgd_l2type=setting&v=1&gdpr=0&hvsid=00001610380950202031140535074716&geo=47.37|8.55&dlper=25&lper=100&fp=h6HjbQMMHO4CSlSIsTkVSG21ZVXTsIdDZ7T0-Ue7PMVXSTaIyOEcEeLJLal6rsg9Fxr78BostDV2C5K7bLWHYb-pVuAxaUXa2akTOKIUmRCC4NFSnteP3qPmUGUFukBg&lpid=&tsid=15062&q=&prv=&type=&ps=&cme=O85N3mUFyTajiFjYjHav2fy9iv2I4nEDgosR3B9UK25gk-084y1iH9R1Sy-ONdl5Kanwuf_XRrs7upmVfNNJqEGTauKROqvbW5S--9-owGPMQSQ2S0iLdDhsMvDh06eFQP1b0PTYxIWCtpjKEXchdcsuIxoLHCjmi5s_Ex_hvxWBT8sm0ErCoDx0SMmLHuVzu5E8G4M5ZnxoZBs35d6w9g%3D%3D%7C%7CNDHRnZ9Gz3KXlI-i9OnZqQ%3D%3D%7C5gDUJdTGiJzedmq9hanWYg%3D%3D%7CsRBSg3CPSiQ%3D%7CYdjFvixrVaFajX-oF5vh39mdDtcPHp_s%7CN7fu2vKt8_s%3D%7CohuHnEJg9ojyDMF8GPk9YfiZ-0jrMOPc2Qcf1IL-MyhXZ3A8bYe_xw3xeE2OWi3lp1ribOP27iCxSzayWISmckpyMYNWB7hidGPLgk5KIXFRsyhjmQryynIecdwAYVuZLyTZQZglY5ZCJqEYFRnfRAeozkMzIZJ897wUbnxpXwNXLvPROhJtbFOkN3S_HxzzUJb6CtBCuPlXTgLtD5NGcg%3D%3D%7C&hint=&td=&cc=CH&wsip=2887305229&bca=0&ugd=4&vgd_chost=contextual.media.net&vgd_fcic=1&vgde_setid=Nu9&&rc=0&ksu=207&fdkt=232&kwd[]=Nerve%20Pain%20Relief&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=1&kid[]=20301953&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.08%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Heart%20Attack%20Symptoms&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=2&kid[]=13458495&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.02%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Get%20Rid%20of%20Belly%20Fat%20Fast&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=3&kid[]=98457760&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.29%7C%7Clvl%3D3.49&ktd[]=274911854848&kwd[]=Healthy%20Diet%20Plans&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=4&kid[]=13451569&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.54%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Home%20Remedies%20for%20Acne&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=5&kid[]=13934031&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Best%20Turmeric%20Supplement&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=6&kid[]=322000656&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.08%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Home%20Toothache%20Remedies&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=7&kid[]=209073470&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.20%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=Chronic%20Pain%20Treatment&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=8&kid[]=5987099&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.22%7C%7Clvl%3D1.00&ktd[]=274911854848&kwd[]=List%20of%20Low%20Calorie%20Foods&kwt[]=232&kbc[]=1f0786a6235ff0c13ad439f303598f69.d2s&kwp[]=9&kid[]=17621314&kbc2[]=0%7C%7Cps%3D0.992%7C%7Crpc%3D0.09%7C%7Clvl%3D1.00&ktd[]=274911854848&rand=1610380951275&cid=8CUXICYFR&vwid=1610380950638584290&vi=1610380950638584290&l3ch=0&slnkp=no&tdAdd[]=rtbsd%3D6&tdAdd[]=ib=0&vgd_uspa=0&vgd_sc=ZH&vgd_l1rakh=1610380950170355456&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_ifrmode=00&sttm=1610380950202&upk=1610380950.23781&hvsid=00001610380950202031140535074716&verid=3111299&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1%26asn%3D9009&vgd_hbReqId=T1609930087C8S5U852&vgd_isiolc=1&rtbsd=6&pid=8POPC6Z04&katen=1&pc=11&matm=1610380951285&vgd_ltime=1094&vgd_ltimesrc=2&abpl=2&tdAdd[]=nw%3DNone&tdAdd[]=nwType%3DNone&tdAdd[]=asnum%3D9009&tdAdd[]=proxy%3DNone&tdAdd[]=comp%3DNone&vgd_l3_sc=ZH&vgd_l2ch=0&vgd_l1ch=1&vgd_katid=801333003&vgd_katbid=-21&vgd_kals=ttype%3D10007%7C%7Cpc%3D11&vgd_kasts=tstype%3D-10408%7C%7Cgbid%3D-1&vgd_altbql=sb&vgd_pdtid=1&vgd_implt=3&vgd_sbSup=1&vgd_l2wsip=2887305298&vgd_nrrsf=nrr&vgd_nrrv=67306&vgd_nrrs=67306&vgd_nrrmf=4a&vgd_cntrdt=S%7CDIV-center&vgd_x_pos=240&vgd_y_pos=756&vgd_ren_page_h=1200&vgd_cty=ZURICH&vgd_l1hcsd=N9%7C254&vgd_sethcsd=C18%7C188&vgd_cfud=200219&vgd_is_amp=0&vgd_icat=97&vgd_spcat=500756&vgd_optout=0&vgd_ect=4g&vgd_rensize=1120_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_l1rpth=%2Fnmedianet.js&requrl=https%3A%2F%2Fmedworm.com&oRurl=http%3A%2F%2Fcdn3e%2Fmediamain.html%3F%26nb%3D1%26settings%3D1%26%26cc%3DCH%26isOffice%3D0%26fvips%3D0%26vi%3D1610380950638584290%26lw%3D1%26esi%3D1%26size%3D970x250%26crid%3D440727326%26vpf%3D000%26cid%3D8CUXICYFR%26ugd%3D4%26chost%3Dcontextual.media.net%26vif%3D1%26blacpfl%3D1%26https%3D1%26blapd%3D0%26nse%3D5%26baeFlag%3D0%26cpcd%3DBQbcylbndddUBISzWCMcZQ%253d%253d%26nb%3D1%26gdpr%3D0%26cb%3Dwindow._mNDetails.initAd%26pid%3D8POPC6Z04%26requrl%3Dhttps%253a%252f%252fmedworm.com%26%26katid%3D801333003%26katen%3D1%26katbid%3D-21&tdAdd[]=uiparams%3D%3Brend_w%3A1120%3Brend_h%3A250%3Bwin_w%3A1600%3Bwin_h%3A1200%3Bkwd_scnt%3A9&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV67306.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Mon, 11 Jan 2021 16:02:31 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Mon, 11 Jan 2021 16:02:31 GMT
log
navvy.media.net/ Frame 1908 		807 B
998 B 		Other
General
Check archive.org
Download Go to
Full URL
https://navvy.media.net/log
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/4a/nrrV67306.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.52.5 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-52-5.us-west-1.compute.amazonaws.com
Software
Jetty(9.4.7.v20170914) /
Resource Hash
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 11 Jan 2021 16:02:31 GMT
server
Jetty(9.4.7.v20170914)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache,no-store
content-length
807
expires
Mon, 11 Jan 2021 16:02:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df7986f51fbcd10eb640798338fbfd9b86510451cbb9f72170e2a75ce674d19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 11 Jan 2021 16:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6578
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 11 Jan 2021 16:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1607463675096825"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6146
x-xss-protection
0
expires
Mon, 11 Jan 2021 16:02:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame B671 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/220/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://medworm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://medworm.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4868
date
Mon, 11 Jan 2021 15:26:17 GMT
expires
Tue, 11 Jan 2022 15:26:17 GMT
last-modified
Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2174
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2970689819206604&bg=!IiGlIQHNAAXKjztByljxn5T_bxqBSgIAAABrUgAAABRoAQcKAUJKIqUUR8_5gXYW6xON8WUIqbvnY9i6j9ALzta-ODqGGBu9pOlrwTTm0P4Rw9-5PMWLPHJXnmJCmZxSDWZKiabP2F1aVt6WNQujb5LabKZDMQqs97tQspqjqlcnHpTauUto6Qmvh7IxW6az8Rh482b7wZauHqwMytLfPo9qxlxLzYHFxK2LNM-je2KPHDdIJR7fr0DSXZ4hx8Ua40oahoCWpkRom1tJw1XRdERYpgFsZnG1KeyCrjha4OgoNLWx-HgMiM1QM7ueXzFro7fTVFA3zCf03WdX01JP7hVGo8INwd8X1LsNqza_r5-uYFIe8kZ6GSU0beaJyjAn_Yt02MtTHeD3UDfJs_XpZMbweUhS87E3UDnNNUB7r3R2J6Vqq-cXPKbXpMNqZ5F-xmPGIUoAPKvgLHVzbnScMe2HTDZo_Xw6mQHEXEoQ0N9JM4codMY3Ehzrnsi3vuQzApsnFw1sBXxbpLsi-JX8aa8ZC0JBEpg2ztq1nxfQswycxOtxQQ86aj_vzot79KtlsVc_tujaffEa1DT4U0i6ZYbDV8IBJXJnf3BpPWX9_KMYraXDTZuWgUftkJB47BdGlZZjpRY9sqQ1X_f4CoMbHhDuHIe_JuokcJo2YScfEbDwzDIsxQgWYZX2McoGsYGmWNZ3fDoAN-EYu6zosdm1zvJxRLnIvcoFIoaVhxMKn7A7Bo_pyF1N49uUVgZp6ZK-TdCU442S3CMaFWG-0hRjYTKdMVs0jqRxHqUFLQRn0M1q7gxotX6Kct8nr9ksMl1RB5qHKE33hdyLYNTYCZDqfPCAga-p1U2KF3Vkkqyr7Lo2Mwzj3Gp7NCp2ZH2w6zPBY6bMQNeP6cmrHUn6gAtr1r05zvHa-u5crO61xE3nzBuGcVd44HaM109pnUryjbxVTNnRNs7RX338eIUCkTp3eDF6oBqRYiE4xj3m5rgwu7HJlfmLAo49hShG45b0FiC_IpjtmR5zVz8CNUcKQ6CIg1bkt1DbN-xDXRcIfSUEttCTK4r1XjmExDOIZ2FWpGc
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jan 2021 16:02:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?lf=3&&vgd_l2type=setting&pid=8POPC6Z04&vgd_viab=1&katid=801333003&kals=ttype%3D10007%7C%7Cpc%3D11&katen=1&pc=11&kata=aton&katbid=-21&kasts=tstype%3D-10408%7C%7Cgbid%3D-1&cme=O85N3mUFyTajiFjYjHav2fy9iv2I4nEDgosR3B9UK25gk-084y1iH9R1Sy-ONdl5Kanwuf_XRrs7upmVfNNJqEGTauKROqvbW5S--9-owGPMQSQ2S0iLdDhsMvDh06eFQP1b0PTYxIWCtpjKEXchdcsuIxoLHCjmi5s_Ex_hvxWBT8sm0ErCoDx0SMmLHuVzu5E8G4M5ZnxoZBs35d6w9g==||NDHRnZ9Gz3KXlI-i9OnZqQ==|5gDUJdTGiJzedmq9hanWYg==|sRBSg3CPSiQ=|YdjFvixrVaFajX-oF5vh39mdDtcPHp_s|N7fu2vKt8_s=|ohuHnEJg9ojyDMF8GPk9YfiZ-0jrMOPc2Qcf1IL-MyhXZ3A8bYe_xw3xeE2OWi3lp1ribOP27iCxSzayWISmckpyMYNWB7hidGPLgk5KIXFRsyhjmQryynIecdwAYVuZLyTZQZglY5ZCJqEYFRnfRAeozkMzIZJ897wUbnxpXwNXLvPROhJtbFOkN3S_HxzzUJb6CtBCuPlXTgLtD5NGcg==|&gdpr=0&prid=8PRHGG6T9&cid=8CUXICYFR&crid=440727326&requrl=https%3A%2F%2Fmedworm.com%2F&vi=1610380950638584290&ugd=4&cc=CH&sc=ZH&startTime=1610380950193&l2type=setting&vgd_l1rakh=1610380950170355456&l1ch=1&sttm=1610380950202&upk=1610380950.23781&hvsid=00001610380950202031140535074716&verid=3111299&vgd_sc=ZH&tdAdd[]=%7C%40%7Csde%3D1%7C%40%7Cadepth%3D1%7C%40%7Cddepth%3D1%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&kbbq=%26sde%3D1%26adepth%3D1%26ddepth%3D1&vgd_hbReqId=T1609930087C8S5U852&l1hcsd=l1!N9|254&vgd_uspa=0&vgd_isiolc=1&clp=%7B%7D&rtbsd=6&l2ch=0&l2wsip=2887305298
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=21600
Server
Apache
Date
Mon, 11 Jan 2021 16:02:32 GMT
ntCoent-Length
15
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
15
Expires
Mon, 11 Jan 2021 16:02:32 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5993214362050732&su=medworm.com&doc=complete&pg_h=1200&pg_w=1600&pg_hs=1200&c=1&aa_c=0&av_h=90&av_w=728&av_a=65520&b=1082&all_b=1082&d=0.075&all_d=0.075&ard=0.034&all_ard=0.034&dt=d
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 11 Jan 2021 16:02:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptmd
dt.clnmde.com/ 		70 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.clnmde.com/ptmd?t=161038095036831728757807_N4IgpgHiBcIAwgDQgM4GMD2MQEYBsOcAzABxwCcArHAPqEBMA7HgCwk4suUtKqYBmMHMnQYALtnyFSFanThNW7TtxokARvTglG6hmnJgiYSv35gAJjjQdGJSxru9RYwdGF9xFyQWJkqtAzMbBxcLDTq5GGMaACG9CQWpuT8OLFmROqUeJRE5Bb8JEQW6s6YYgVCyGAA1rHYeBp45PFwALTc9HhtODhg6m3kpCxtmWD0xc0t5AjVNaXuyGgAbijYwAA6IAA2GHHbNChiGABOsQDmYFvQW43qza0dLF09fQNDJCNjExZTsTNbRBbFBgFAoACWGAAdodjmdLtdbk0Wloni9ev1BsNRupxpNyNM4ICtpgMDVwWAaBZYmJYoiQHcHqjOt0Me9sd98YStgBfXh1BpNegsfjtFmvTEkQrtHCMeiUe5wWKxAh4fkLDwrdZbXb7WGnC5XGBI+7C0Vo1lvNpSsg9OUKvBKlX4YmoUEQ6H6+FGm4MoUisXPS2S6V2+WK5Wq12k8mU6m0+mMs2B9FWm0y+0R514Xm8c6uGAAbTgiBLJeEZYAush82toMXS43y6Xq6gxHWGxXG-QW9U0GIALbYOw4Xj8er1ojMMjNIgJRCEEhN5dl5esFdN1vjut4ZAACz3Ra0iHoOC3bh7IAArlehFPL-xltheAOAJ5FwvCYXloiOxCMbIFzgOA8ErVsAHcAEci1bN8ThgpYBzQBYQE4OA5UYOc1SWE4BwAByLXBfBkAI8FIShPnoGYaAHWJwRhUdW1ibYJHrOBWxQLBFhAcEn2gS8jhpK8OwmRByBPShECIBdyFbAAvCcPDw85sCfaooT4kACJrQ9YCkPxZGIRoiFlBIALsdDeHbSRnnIMhGBYPB5Qo3hVgaAA6OB3KnUdkGYmBpJAfg0BgHpqjEcEhGI-xqBEMQVOgEtUBqHxpBiwIFGCZQwl4MBwQIvSSEodycGyEqAJKkzcqvRTkCvSLEuqZZtiLUAoViAcwGwdRwQsCwwBOGhet4eMJ1AHq+oGobvGgKEr22bZkGWcFptSgzSPIyiZhAHkeQ47YjjWkjqCIXJeG2NwPGW1a9OiwyyKKrbZhANBhLEG6QBIABhABVAANABJL6AE0ADEACU8xC9w7qoCYqGQSCuu4-gGqIHkgA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jan 2021 16:02:32 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmd
dt.clnmde.com/ 		70 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.clnmde.com/ptmd?t=161038095036831728757807_N4IglgbiBcAsA0IDOAXAhigrkmBtAjAJwC6iAXmjPogA4DmMIUiApgHZTQg0iJ0AWjfADZ8ABgDMADjGEArJOFSJ+AOwAmKarmqZq3iBQ4u+WOsJ7Yw9XLlSDEYyGEA6MS4mr8BtABsYEogAZgDGMAC01CAsKGBUopIy8mKIqAzQKcgA1kIJ0rIKAPri6qrCsFKmsHKwBixgPCZSci74cq5qLfgqdZiU0FGYcRmsEP7QuKBsaAC2LIwARmAAJsssAE6FKwbLGP2gS6sbW8swbJi+vogQYCe54vnJwtJ2ZoRiIAC+n6TIvqj3RIFSRyCQGXxBKjXW7bEx5JIKZ7NKRvD6IELYFB3LhSADCAFUABoASVxAE0AGIAJQMdDCA3hBVgEnkiAAjvMBsFhrBPkA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jan 2021 16:02:34 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmd
dt.clnmde.com/ 		70 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.clnmde.com/ptmd?t=161038095036831728757807_N4IgLgDghiBcDaiCMAaADCkB2ATADgCoBONAfSRAF1rMBLANzj0wGcwowBXFueAFhwokRSpgBeMWKhAQA5nBCNMAUwB2jWDJCZZACwVIAbEjQBmPGiIBWM4bymkuPFitYLWbeB6akAou75DHCsrPE96bxBDADo0aNMsCkwoABs4U0wAMwBjOABaaWUwWjgjE3NLG1YweVgMEBYAawNjMwtrMhMcLEM+PF8+Kz5PZVoIAzwraKQrGMcppAcRzklpThK6lXo0hFBVKABbZQUAI1oAE3PlACdSC89zjklQM8ubu-O4VU4UlMx6WgfFrldo2QzmUJ+NAgAC+MNEDRSbGBbUqZispk8KUypX+gPuPlaFQ64MmeChnmy3DAQM0eAAwgBVAAaAEl6QBNABiACVPLJclIiaD7NZMABHY5SLIbNAwoA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 11 Jan 2021 16:02:38 GMT
x-powered-by
Express
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
ptmdP
dt.clnmde.com/ 		7 B
328 B 		Other
General
Check archive.org
Download Go to
Full URL
https://dt.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUXICYFR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.24.200.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-24-200-179.compute-1.amazonaws.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://medworm.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 11 Jan 2021 16:02:40 GMT
vary
Accept-Encoding
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| FontAwesomeCdnConfig string| cssUrl string| GoogleAnalyticsObject function| ga object| adsbygoogle string| medianet_width string| medianet_height string| medianet_crid string| medianet_versionId object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map number| google_lpabyc number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _mN object| _mNSrv function| setup string| _mN_Idf string| _mN_ctrM undefined| _mN_ctr object| mnjs object| hbCMBidxc function| _cR function| _cD object| _mNDetails function| _cmL1Require function| _cmL1Define object| _mNadPrvLog number| sc_project number| sc_invisible string| sc_security function| _statcounter function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| eti object| hs string| cp string| pd object| ad_regex string| adod string| sdod string| sdodi number| templateId string| customerId string| noCookies number| cstSmpPer string| esi_ip string| esi_ua number| staging function| browserfp object| sppx number| bfObjLdCnt string| endTime object| google_llp object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1610380950_102764814454
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: 68b69a20-5426-11eb-9384-3be23d699a90
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_td_b94547ca28d5f9f1aff3b56539df83db
Value: 1610380950_102764814454_b94547ca28d5f9f1aff3b56539df83db
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnPPCBvfMjJTsMb5nCS_bv_efkTv8OXD6ujmEuFdDqKh0TNksR6ozpiU67_
.medworm.com/ Name: bafp
Value: 68b624f0-5426-11eb-8f80-1725b60aa616
.medworm.com/ Name: bfp_sn_pl
Value: 1610380950|1_102764814454
.medworm.com/ Name: bfp_sn_rt_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1610380950371
.medworm.com/ Name: __gads
Value: ID=bd9a5ba04f2d5b1b-22fe161c9ea600b3:T=1610380950:RT=1610380950:S=ALNI_MZQPFbglAgKWj31LPJ8RAUagc6pjQ
.medworm.com/ Name: bfp_sn_rf_8b2087b102c9e3e5ffed1c1478ed8b78
Value: Direct
.medworm.com/ Name: sc_is_visitor_unique
Value: rx4264955.1610380950.3BC70CCF00994FC356988D167FF40162.1.1.1.1.1.1.1.1.1
.medworm.com/ Name: _ga
Value: GA1.2.1052155703.1610380950
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1610380950_102764814454_8b2087b102c9e3e5ffed1c1478ed8b78
medworm.com/ Name: session_depth
Value: medworm.com%3D1%7C440727326%3D1
.medworm.com/ Name: _gat
Value: 1
.medworm.com/ Name: _gid
Value: GA1.2.1211742245.1610380950
medworm.com/ Name: PHPSESSID
Value: qeflcirtmtk3cl9pa4b0t75koc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c.statcounter.com
contextual.media.net
dt.clnmde.com
dt6.clnmde.com
googleads.g.doubleclick.net
lg3.media.net
medworm.com
navvy.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pxlclnmdecom-a.akamaihd.net
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.googletagservices.com
www.medworm.com
www.statcounter.com
100.24.200.179
104.108.144.24
104.22.52.65
104.76.200.23
172.217.16.130
2.16.177.115
23.111.9.35
2600:1f18:42df:3a01:212:695a:6398:d43a
2a00:1450:4001:800::2002
2a00:1450:4001:808::200e
2a00:1450:4001:819::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2002
2a00:1450:400c:c00::9a
45.157.179.87
52.52.52.5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0a4c16b7f5c1b1ecefc9ffb4fcf1b457f9282d0863fa61d4dd32ad98dafa9a60
29be77b3ae2329ce0df1193166533ae96ff9ee1b763b0523afe388b04e1bb8ed
2c65ac85a2c932e845047ecc6a162ee015cd8e9cf26879f9b8ad6f8e4a9f8f70
2d219257c7a07d8a54eeb282f6722fb87323962b98f8cd0841d966811f369e62
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3ed268ea6ba5f34352002d69c6435e5cba9d2a948a0aff35e3db7169e34bed99
4449aead8e7d02668e75081eda92968f03a04131f69c66d4bb0579bbd6464582
4d7382f15f657d1cdfd349847a0547907239f6cd93484ae51f230c63f0986630
6139b4d0af528ec1d0e26ae865c1ca04ac061d844ffa6ccc9e4adaa3af93a2f7
61ba311a9e83f31ff92e118b7fe5b7591f98eb0529c1a7fc70cec949d50e7034
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
64f988d716443cf2b32e01fd9ec3937018a487abfc0c4d6c997c85d23de09c56
687e9528ef35e3dc4175d687537a36f4618840ed49e170e6842bb67db00d3a93
68f93e5606c54d1f4942edad7408324e00601ce68c47325ed374dc3497afe9dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df7986f51fbcd10eb640798338fbfd9b86510451cbb9f72170e2a75ce674d19
7039d077eca330ebbce9e8f4c3145eb4a2cef1c0aeb1dd141b405732270145a1
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
98b7162c1898e9c94aa68f3fc7a4cc2ffc7b6e33346059fe6cfc941f83ff756f
a2d7c317a5b09b3627c6aa263605f845a2cf418a3b3b0397ae5f23affba590ea
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c55f085dd30b7f07b3b0d2d40bf36e6f226750d16cbb7ed75d0e29dc84f93c8c
c7312933d6723e46be987da13dd5e64993fec8188930a2cd4db82d1860812528
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
e2e1d3a47521b035dbaa79d9c161cd2e5455976cb0c72e9f776844da277432f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe269e45f1ffdb8dfe229406efd6e40f76334c1de0df6fa88e24ac6e0da409b
f3b0e1ed6cb79ccf93702fd66f2371d4f73de62937c237270b7d70f25300bda1
f8c17b0b0c69de2d6f200dd36434b0a968e1d9c7fdad842bf93a29d7c1fe6896
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149