loan.medcpu.com Open in urlscan Pro
2606:4700:3035::ac43:930e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://loan.medcpu.com/
Submission: On November 22 via api (November 22nd 2023, 5:22:26 pm UTC) from US — Scanned from US

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::ac43:930e, located in United States and belongs to CLOUDFLARENET, US. The main domain is loan.medcpu.com.
TLS certificate: Issued by GTS CA 1P5 on October 16th 2023. Valid for: 3 months.

This is the only time loan.medcpu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3035::ac43:930e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:808::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
18	5

9 2606:4700:3035::ac43:930e (United States)

ASN13335 (CLOUDFLARENET, US)

loan.medcpu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	medcpu.com loan.medcpu.com	76 KB
3	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359	61 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	9 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	187 KB
18	4

	Domain	Requested by
9	loan.medcpu.com	loan.medcpu.com
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	pagead2.googlesyndication.com	loan.medcpu.com pagead2.googlesyndication.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
medcpu.com GTS CA 1P5	`2023-10-16` - `2024-01-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://loan.medcpu.com/
Frame ID: BB384F2078DBF3DAAF683C1178D6B053
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: FF261E678D534FAB5F5579EDF181FFFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6521635981818320&output=html&adk=1812271804&adf=3025194257&lmt=1700673729&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Floan.medcpu.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700673728155&bpp=87&bdt=969&idt=1598&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5196680302726&frm=20&pv=2&ga_vid=1073098716.1700673730&ga_sid=1700673730&ga_hid=617285047&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44785294%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=3288722664371927&tmod=1941956604&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1801
Frame ID: AA8C49B5A02FFAE9B83ADAF797E8AFFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

18
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

334 kB
Transfer

1070 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
loan.medcpu.com/ 59 KB
12 KB 1894ms
1362ms Document
text/html 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfaac4d765069f0e5a6f1f0d94e74f54bf30a88d70ea167c0437be42d1341474

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a2da426d3042a7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 22 Nov 2023 17:22:07 GMT
link: <https://loan.medcpu.com/index.php/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzrlR6hAa7uLBIitmYEWy3LZwXj7ryzBHH%2FSfhdy28FfGaVFfIvGG6dcBmXp1zTH%2B%2Bb8VQf5K3wAfRv1wLeTKLpc0rMsDlJLT%2BOfhquUh6WrNHRp0g8doM1BYQbK3%2F7oeQVQ4ykugFeIzsCn25c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 style.min.css
loan.medcpu.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 1600ms
1412ms Stylesheet
text/css 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 14:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1add3-655a15b7-4f18ad;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDaq%2Fj8Sp9e7wO2ypJZ3rqe0BCkgnr9PlJcsdhTbUY97eGNIf4j60JtFuGI1ayqoAKs4KbaAWiB9I09ALo1d6w2N5y28WyyLgMcNNstLiYLOrG4%2Bb8xsj4T6JreXdRAPz3JqJwcfEedj1NOzvV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 82a2da4bed3742a7-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
H2 200 global.min.css
loan.medcpu.com/wp-content/themes/kadence/assets/css/ 22 KB
5 KB 765ms
579ms Stylesheet
text/css 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.49
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"598d-655b2a01-4f5032;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnlqCCd3dZzLrbPMPUETHDpelWggPVWKrB4o%2BuyhnROCoK8q3xCpCF46m32euscmBdzcTu5pr2jsBJpTQ6U4us7bMkM3gu5fT4GVonRoPu32%2Fj2UfUeboL%2BI4HjKrRTcDrGPSQu3XQyXYVkS0kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 82a2da4bed3942a7-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:07 GMT

GET
H2 200 header.min.css
loan.medcpu.com/wp-content/themes/kadence/assets/css/ 26 KB
5 KB 1502ms
1316ms Stylesheet
text/css 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.49
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"67ee-655b2a01-4f5033;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnnswpuspZmYy2C8z9Yi82tcFWDwTOBIh0qNOBe00C6rQjQWSZwF8oqSl3sHcP%2FCTYfAhZDpf7gqp8nPWGNRrdCxxwi1yX7Rqy7CcOr%2BxSrwUFxDgFyR4NkItOCPuqegebLz47wjzwOC8BgLJUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 82a2da4bed3b42a7-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
H2 200 content.min.css
loan.medcpu.com/wp-content/themes/kadence/assets/css/ 32 KB
6 KB 1511ms
1326ms Stylesheet
text/css 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.49
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947db91f8ba025357890071b5f8df7e0cdb449fbd3e252729bbae2a771f82550

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"81c7-655b2a01-4f502a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9v0NVkbwJiMJRckRcCNUMOisjDz8Ey3s3cBBo1SLOudTdVkZC7YYWNB5jAp1tmvlXEw5vNPupoHbbVCoM2WfLjae0vQmr4RIITVth%2BGHId4oUFIKKB0xaUeVqaWXzVtI%2F6Iz96uY4MIWW9Rl1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 82a2da4bed3d42a7-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
H2 200 footer.min.css
loan.medcpu.com/wp-content/themes/kadence/assets/css/ 19 KB
2 KB 728ms
543ms Stylesheet
text/css 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.49
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09918137760470f6bf298eb17af0eafd0e43381dffd797a96c9ec044da00d3c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4a29-655b2a01-4f5030;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imoFNauHqDvOaSRRYeXoDeJS9mbCoNFUSh%2FAjmipH3J7UZVPYOawTWuvzCPmWpDNeOLYzCOkN99PyiReeiKozgbKTQsiooMxRWbv45NhhybzY%2Fnnh1k3a2p3%2B0z8uh2b6%2BSw7nppNH1KRf%2BX2ts%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 82a2da4bed3e42a7-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 327ms
72ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6521635981818320

Requested by

Host: loan.medcpu.com
URL: https://loan.medcpu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cba95bf402f4bc5fbb492602b75ab4a166efad7efbe5081877059a4e9b76b62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loan.medcpu.com/
Origin: https://loan.medcpu.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52715
x-xss-protection: 0
server: cafe
etag: 16480898958046704919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:22:07 GMT

GET
H2 200 provider.duhocnhat.org_.vn-24.png
loan.medcpu.com/wp-content/uploads/2023/11/ 20 KB
21 KB 1684ms
1514ms Image
image/png 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loan.medcpu.com/wp-content/uploads/2023/11/provider.duhocnhat.org_.vn-24.png
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:50:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51e9-655b2be5-4f50ac;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaDPv9HPskVureIYHa2ktUq49MD7CJaVw0YkCo2yFjuZ7FMAV%2F0FaEDvx7Z58ogS8WszD%2Fn994FU553quauSMI3nVpTe5xZWM3r9cViKmmyewfKLJwQdZtFsKHDR7kXeghE3RhZseskuFUhalTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 82a2da4bed4042a7-EWR
alt-svc: h3=":443"; ma=86400
content-length: 20969
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
H3 200 navigation.min.js
loan.medcpu.com/wp-content/themes/kadence/assets/js/ 18 KB
5 KB 1390ms
1354ms Script
application/x-javascript 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.49
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Nov 2023 09:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4677-655b2a01-53525d;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIU6GAe0A2qksrogNx6cyqMuY3q0HpFXjX64Dcn24%2B3RIyzw8weEzTCkoFPDAhbWvvUHVdBWIy6BDOz4T6FJqdVY13UzNvAj7WMlOakxrA3YFQGSrC1OHpFXLkM%2BHoVaulBwh36TnvHVztdDdvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 82a2da4d6ee34378-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:08 GMT

GET
BLOB 200
OK 8d31614c-7909-42bb-980a-b8204aa4fe9e
https://loan.medcpu.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://loan.medcpu.com/8d31614c-7909-42bb-980a-b8204aa4fe9e
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 268ms
162ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6521635981818320

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b6453cca7df5ca2019bff09bbe94dfde9b84c1eec1ea04abdae61be5505b364

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138484
x-xss-protection: 0
server: cafe
etag: 16186725323320527532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:22:08 GMT

GET
H2 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame FF26 9 KB
4 KB 356ms
40ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6521635981818320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loan.medcpu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 6781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 15:29:07 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 15:29:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame AA8C 11 KB
5 KB 612ms
609ms Document
text/html 2607:f8b0:4006:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6521635981818320&output=html&adk=1812271804&adf=3025194257&lmt=1700673729&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Floan.medcpu.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700673728155&bpp=87&bdt=969&idt=1598&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5196680302726&frm=20&pv=2&ga_vid=1073098716.1700673730&ga_sid=1700673730&ga_hid=617285047&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44785294%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=3288722664371927&tmod=1941956604&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1801

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loan.medcpu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 4659
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 17:22:10 GMT
expires: Wed, 22 Nov 2023 17:22:10 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 wp-emoji-release.min.js
loan.medcpu.com/wp-includes/js/ 18 KB
5 KB 1346ms
1345ms Script
application/x-javascript 2606:4700:3035::ac43:930e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loan.medcpu.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: loan.medcpu.com
URL: https://loan.medcpu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:930e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 19 Nov 2023 14:03:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4904-655a15b7-4f19b8;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajO7D%2F9knT0wf%2Fvjyfcp88JWnpB9lQOOhCYaDC3R4vntLsgVnIJ9x4hDvzqc7BChGr%2FQ85V277%2BXc5Rt4307MdDzI6V8D3dOr9wjM6F%2BIawqRQsVKDmHRaqc8Qbx5Z9bbw%2BDjD%2BBvJKnMwMrfpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31536000
cf-ray: 82a2da5ce9754378-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 29 Nov 2023 17:22:11 GMT

GET
H2 200 ca-pub-6521635981818320
fundingchoicesmessages.google.com/i/ 161 KB
53 KB 322ms
90ms Script
application/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6521635981818320?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LX3ocSNFjcAxy7DxUOdAYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LX3ocSNFjcAxy7DxUOdAYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUTrCjD-d8YBDT_U3_xQK9r-bFXV_98J-7DuQHO0InKxNxOUJqr1b9tVd2NIBKQp7VHYv0BVEitd3uNVsSMEsr4HOgkRvzMNuFziE6wx74oDAJ8iV6ctvKPxX20KrGF6OTzcN-RTg==
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 100ms
58ms Script
application/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUTrCjD-d8YBDT_U3_xQK9r-bFXV_98J-7DuQHO0InKxNxOUJqr1b9tVd2NIBKQp7VHYv0BVEitd3uNVsSMEsr4HOgkRvzMNuFziE6wx74oDAJ8iV6ctvKPxX20KrGF6OTzcN-RTg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNjczNzMxLDM2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9sb2FuLm1lZGNwdS5jb20vIixudWxsLFtbOCwiTnRzNUx2WUlvYmsiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMxd0NKCczu8sV-iyoTNuKNlsKtSdw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-buhkGVnk4N0N9sXEi5XqxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-buhkGVnk4N0N9sXEi5XqxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXkUvF-CrEL921BwIfvm1Po9OHQrja8wepMVP5obBkxandRrToST3VVwi96zyvB3eEXVTRKapMJFWjn6C87Y0UKKmrowc9lAJhAAN_Royq5x8iUYO6TbPoJ6sufeWzEzHjCe8587Q==
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 167ms
167ms Script
application/javascript 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXkUvF-CrEL921BwIfvm1Po9OHQrja8wepMVP5obBkxandRrToST3VVwi96zyvB3eEXVTRKapMJFWjn6C87Y0UKKmrowc9lAJhAAN_Royq5x8iUYO6TbPoJ6sufeWzEzHjCe8587Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNjczNzMxLDU5NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vbG9hbi5tZWRjcHUuY29tLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iSgvu5XiPMxDsA6iBojmUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://loan.medcpu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:22:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-iSgvu5XiPMxDsA6iBojmUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
loan.medcpu.com
pagead2.googlesyndication.com
pagead2.googlesyndication.com
2606:4700:3035::ac43:930e
2607:f8b0:4006:808::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:824::2002
09918137760470f6bf298eb17af0eafd0e43381dffd797a96c9ec044da00d3c7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
5b6453cca7df5ca2019bff09bbe94dfde9b84c1eec1ea04abdae61be5505b364
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
947db91f8ba025357890071b5f8df7e0cdb449fbd3e252729bbae2a771f82550
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791
bfaac4d765069f0e5a6f1f0d94e74f54bf30a88d70ea167c0437be42d1341474
cba95bf402f4bc5fbb492602b75ab4a166efad7efbe5081877059a4e9b76b62a
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

loan.medcpu.com Open in urlscan Pro 2606:4700:3035::ac43:930e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

18 Requests

89 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

5 IPs

1 Countries

334 kBTransfer

1070 kBSize

Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

Cookies

Indicators

loan.medcpu.com Open in urlscan Pro
2606:4700:3035::ac43:930e Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

334 kB
Transfer

1070 kB
Size

18 HTTP transactions
0 data transactions