URL: https://www.2nd.md/
Submission: On August 06 via api from US

Summary

This website contacted 38 IPs in 8 countries across 37 domains to perform 95 HTTP transactions. The main IP is 52.35.133.87, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.2nd.md.
TLS certificate: Issued by RapidSSL RSA CA 2018 on October 16th 2019. Valid for: 2 years.
This is the only time www.2nd.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 52.35.133.87 16509 (AMAZON-02)
4 151.101.112.217 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.31.79.120 13335 (CLOUDFLAR...)
1 2600:9000:214... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 147.75.100.189 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 54.68.180.26 16509 (AMAZON-02)
2 147.75.100.205 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 143.204.202.26 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.72.172.61 16509 (AMAZON-02)
1 143.204.202.56 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 23 169.50.137.190 36351 (SOFTLAYER)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 169.50.137.176 36351 (SOFTLAYER)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 169.50.137.179 36351 (SOFTLAYER)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 35.176.206.104 16509 (AMAZON-02)
2 143.204.202.27 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
2 2 147.75.102.200 54825 (PACKET)
1 195.181.175.46 60068 (CDN77)
1 3.233.133.91 14618 (AMAZON-AES)
1 92.123.150.214 16625 (AKAMAI-AS)
1 2 52.30.234.204 16509 (AMAZON-02)
1 2 216.52.2.48 29791 (VOXEL-DOT...)
1 35.244.245.222 15169 (GOOGLE)
1 1 172.217.16.130 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2 185.33.221.88 29990 (ASN-APPNEX)
1 198.148.27.139 19189 (PULSEPOINT)
1 69.173.144.139 26667 (RUBICONPR...)
1 2 35.244.159.8 15169 (GOOGLE)
2 2 172.217.23.162 15169 (GOOGLE)
95 38
Apex Domain
Subdomains
Transfer
38 2nd.md
www.2nd.md
2 MB
25 simpli.fi
um.simpli.fi
tag.simpli.fi
i.simpli.fi
14 KB
5 gstatic.com
fonts.gstatic.com
64 KB
4 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
72 KB
4 vimeo.com
player.vimeo.com
13 KB
3 exelator.com
loadm.exelator.com
load77.exelator.com
3 KB
3 chatbot.com
cdn.chatbot.com
12 KB
3 rlets.com
cdn.rlets.com
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
42 KB
2 openx.net
us-u.openx.net
481 B
2 adnxs.com
ib.adnxs.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 lijit.com
ce.lijit.com
968 B
2 crwdcntrl.net
bcp.crwdcntrl.net
978 B
2 pro-market.net
fei.pro-market.net
878 B
2 intentiq.com
sync.intentiq.com
2 KB
2 facebook.com
www.facebook.com
406 B
2 facebook.net
connect.facebook.net
166 KB
2 google.de
www.google.de
213 B
2 google.com
www.google.com
417 B
2 google-analytics.com
www.google-analytics.com
18 KB
1 rubiconproject.com
pixel.rubiconproject.com
772 B
1 contextweb.com
bh.contextweb.com
530 B
1 googleadservices.com
www.googleadservices.com
897 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 bluekai.com
stags.bluekai.com
329 B
1 bfmio.com
sync.bfmio.com
421 B
1 agkn.com
aa.agkn.com
319 B
1 tremorhub.com
simplifi.partners.tremorhub.com
182 B
1 hubspot.com
track.hubspot.com
528 B
1 reachlocalservices.com
capture-api.reachlocalservices.com
557 B
1 hs-analytics.net
js.hs-analytics.net
18 KB
1 hs-banner.com
js.hs-banner.com
7 KB
1 googletagmanager.com
www.googletagmanager.com
28 KB
1 hs-scripts.com
js.hs-scripts.com
857 B
1 kickfactory.com
ping.kickfactory.com
1 KB
1 googleapis.com
fonts.googleapis.com
936 B
95 37
Domain Requested by
38 www.2nd.md www.2nd.md
23 um.simpli.fi 16 redirects cdn.rlets.com
5 fonts.gstatic.com www.2nd.md
4 player.vimeo.com www.2nd.md
3 cdn.chatbot.com www.2nd.md
cdn.chatbot.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 sync.search.spotxchange.com 1 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 2 redirects
2 fei.pro-market.net 2 redirects
2 sync.intentiq.com
2 www.facebook.com
2 connect.facebook.net cdn.rlets.com
connect.facebook.net
2 www.google.de www.2nd.md
2 www.google.com 2 redirects
2 www.google-analytics.com 1 redirects www.2nd.md
2 9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com cdn.rlets.com
1 pixel.rubiconproject.com
1 bh.contextweb.com
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 stags.bluekai.com
1 sync.bfmio.com
1 load77.exelator.com
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 i.simpli.fi tag.simpli.fi
1 tag.simpli.fi cdn.rlets.com
1 track.hubspot.com
1 capture-api.reachlocalservices.com cdn.rlets.com
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 stats.g.doubleclick.net 1 redirects
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 script.hotjar.com static.hotjar.com
1 www.googletagmanager.com www.2nd.md
1 static.hotjar.com www.2nd.md
1 js.hs-scripts.com www.2nd.md
1 cdn.rlets.com www.2nd.md
1 ping.kickfactory.com www.2nd.md
1 fonts.googleapis.com www.2nd.md
95 46

This site contains links to these domains. Also see Links.

Domain
play.google.com
itunes.apple.com
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
*.2nd.md
RapidSSL RSA CA 2018
2019-10-16 -
2021-11-07
2 years crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-04-23 -
2021-04-24
a year crt.sh
upload.video.google.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-18 -
2021-07-18
a year crt.sh
*.rlets.com
DigiCert SHA2 High Assurance Server CA
2018-01-26 -
2021-02-03
3 years crt.sh
static.hotjar.com
Let's Encrypt Authority X3
2020-06-17 -
2020-09-15
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-07-07 -
2020-09-29
3 months crt.sh
script.hotjar.com
Let's Encrypt Authority X3
2020-06-18 -
2020-09-16
3 months crt.sh
chatbot.com
Amazon
2019-10-24 -
2020-11-24
a year crt.sh
www.google.de
GTS CA 1O1
2020-07-15 -
2020-10-07
3 months crt.sh
vars.hotjar.com
Let's Encrypt Authority X3
2020-06-16 -
2020-09-14
3 months crt.sh
*.hotjar.com
Amazon
2019-09-27 -
2020-10-27
a year crt.sh
*.reachlocalservices.com
DigiCert SHA2 High Assurance Server CA
2018-01-26 -
2021-02-03
3 years crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2020-07-27 -
2021-07-27
a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA
2019-09-18 -
2021-12-12
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-07-21 -
2020-10-12
3 months crt.sh
*.tremorhub.com
Amazon
2020-07-25 -
2021-08-25
a year crt.sh
*.intentiq.com
Amazon
2020-04-10 -
2021-05-10
a year crt.sh
1605158521.rsc.cdn77.org
Let's Encrypt Authority X3
2020-06-09 -
2020-09-07
3 months crt.sh
*.bfmio.com
Amazon
2020-06-14 -
2021-07-14
a year crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1
2020-04-14 -
2021-04-10
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2019-06-13 -
2021-06-28
2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2020-03-11 -
2021-05-10
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-14 -
2021-04-23
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2019-03-20 -
2021-04-21
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2020-05-07 -
2022-05-12
2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh

This page contains 6 frames:

Primary Page: https://www.2nd.md/
Frame ID: F4126C685B89F323FF08F9407737B9AE
Requests: 92 HTTP requests in this frame

Frame: https://player.vimeo.com/video/371215993?title=0&byline=0&portrait=0
Frame ID: 1206BB14B1688D6DB3003D55AF666C54
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0
Frame ID: D1151A4CB1FBF8B1C42D5197E7F83609
Requests: 1 HTTP requests in this frame

Frame: https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Frame ID: DAAA57BDAF76E7D86A0DA880651500D6
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 2CE174F7A6AF51594C40DE552F5B2136
Requests: 1 HTTP requests in this frame

Frame: https://cdn.chatbot.com/widget/chat.html?id=5d5ec2ba4f2cc853b4813015&v=631
Frame ID: 2671696C0F66E55653DA4F4C91A72A54
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

95
Requests

100 %
HTTPS

38 %
IPv6

37
Domains

46
Subdomains

38
IPs

8
Countries

2423 kB
Transfer

3774 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=775942440&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2nd.md%2F&ul=en-us&de=UTF-8&dt=2nd.MD%20%7C%20Specializing%20in%20Medical%20Certainty%20%7C%20Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1125533417&gjid=81685460&cid=693504291.1596705354&tid=UA-22644076-1&_gid=324681721.1596705354&_r=1&z=878459292 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_gid=324681721.1596705354&gjid=81685460&_v=j83&z=878459292 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292&slf_rd=1&random=3659678479
Request Chain 74
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=87EDF4D056964721BFF92F178D718F41
Request Chain 76
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=87EDF4D056964721BFF92F178D718F41 HTTP 302
  • https://um.simpli.fi/aa_px?sk=164860603505000498421
Request Chain 78
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=87EDF4D056964721BFF92F178D718F41
Request Chain 81
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=87EDF4D056964721BFF92F178D718F41;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=87EDF4D056964721BFF92F178D718F41;mimetype=img;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2141202535548406645
Request Chain 82
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=87EDF4D056964721BFF92F178D718F41&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=87EDF4D056964721BFF92F178D718F41&j=0&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 84
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=87EDF4D056964721BFF92F178D718F41
Request Chain 85
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=87EDF4D056964721BFF92F178D718F41
Request Chain 86
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9
Request Chain 87
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9&dnr=1
Request Chain 88
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EBE2196FC8D8412FA1FEFD86773D36B9
Request Chain 89
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1596705356009&cv=7&fst=1596705356009&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TcorX-L0K-PG7_UP3LqGyAo&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TcorX-L0K-PG7_UP3LqGyAo&random=2776338848 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TcorX-L0K-PG7_UP3LqGyAo&random=2776338848&ipr=y
Request Chain 90
  • https://um.simpli.fi/spotx_match HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9&__user_check__=1&sync_id=702330fd-d7c5-11ea-adbf-1f932c7f2806
Request Chain 91
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBE2196FC8D8412FA1FEFD86773D36B9
Request Chain 92
  • https://um.simpli.fi/cw_match HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=EBE2196FC8D8412FA1FEFD86773D36B9
Request Chain 93
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBE2196FC8D8412FA1FEFD86773D36B9&expires=365
Request Chain 94
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9
Request Chain 95
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIKL5C5IKOiDFMYKbE05vCE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBE2196FC8D8412FA1FEFD86773D36B9 HTTP 302
  • https://um.simpli.fi/g_match?id=

95 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.2nd.md/
44 KB
13 KB
Document
General
Full URL
https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
3c73ed04e4c30d6b432f87e89d804610fa6acd9c7d7ac1bb8ba5e021878008ec
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
www.2nd.md
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
Server
Apache/2.4.18 (Ubuntu)
Strict-Transport-Security
max-age=63072000; includeSubdomains;
X-Frame-Options
SAMEORIGIN
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding,Origin
Content-Encoding
gzip
Content-Length
12270
Content-Type
text/html; charset=UTF-8
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
X-Content-Type-Options
nosniff
Content-Secure-Policy
default-src 'self';
X-XSS-Protection
1; mode=block
Set-Cookie
csrftokencookie=df4f26533701f7519b64413942f01f84; expires=Thu, 06-Aug-2020 11:15:52 GMT; Max-Age=7200; path=/; secure;Secure;HttpOnly; Secure; HttpOnly ci_session=t1hg9f8ll0oav84t7qoltmdu7evs3bi3; path=/; secure; HttpOnly;Secure;HttpOnly; Secure; HttpOnly ROUTEID=.newatlas; path=/; Secure; HttpOnly
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
jquery-3.5.1.js
www.2nd.md/assets/webLayout/js/
281 KB
281 KB
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/jquery-3.5.1.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
287630
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 07 Jul 2020 19:40:44 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"4638e-5a9df2acd96b4"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/javascript
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
bootstrap.bundle.js
www.2nd.md/assets/webLayout/js/
218 KB
218 KB
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/bootstrap.bundle.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
222911
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:38 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"366bf-58dddf86499d4"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/javascript
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
player.js
player.vimeo.com/api/
18 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93b1524a3b404177560f00be38ccb97fbdc44a0e9ae7061d652d79b6a07f4bfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
763
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-3
Content-Length
5776
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4032-HHN
X-Player-Backend
p
Expires
Thu, 06 Aug 2020 09:33:09 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1596705352.476470,VS0,VE0
Date
Thu, 06 Aug 2020 09:15:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
1170
home.js
www.2nd.md/assets/webLayout/js/
433 B
1022 B
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/home.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e8c0eda8021c7013fc1fa6f5e459d91f1f040a2a08624705bd709a6c20a6ac94
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
433
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 16 Jan 2020 11:38:27 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1b1-59c40437fceac"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/javascript
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
jquery.selectability.js
www.2nd.md/assets/js/activate/
10 KB
11 KB
Script
General
Full URL
https://www.2nd.md/assets/js/activate/jquery.selectability.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
14f905acd15b4da4e764b68c55c3ceade618305bda35619229827f6e820af273
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
10212
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 21 Mar 2019 14:43:06 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"27e4-5849bc196f8c5"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/javascript
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
css
fonts.googleapis.com/
10 KB
936 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3b220e9cc7f7b6c5ff0281103e70384c5d8ef17aefabcabf082961e7e48fc7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 06 Aug 2020 09:15:52 GMT
server
ESF
date
Thu, 06 Aug 2020 09:15:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 06 Aug 2020 09:15:52 GMT
bootstrap.min.css
www.2nd.md/assets/webLayout/css/
152 KB
23 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/css/bootstrap.min.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding,Origin
Content-Length
23238
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"2606e-58dddf85a2a01-gzip"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/css
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
all.css
www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/
67 KB
13 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding,Origin
Content-Length
12606
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"10df1-58dddf85a6881-gzip"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/css
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
webLayout.css
www.2nd.md/assets/webLayout/css/
93 KB
14 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/css/webLayout.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
30b0db73e73dc03aac73080f5a39f05779109a9b338300138fde0a9f90f4efc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Accept-Encoding,Origin
Content-Length
14206
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 04 Aug 2020 09:00:06 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"175fb-5ac097b4d56f7-gzip"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
text/css
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
ping.js
ping.kickfactory.com/
1 KB
1 KB
Script
General
Full URL
https://ping.kickfactory.com/ping.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.79.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Jun 2017 16:02:40 GMT
server
cloudflare
cf-polished
origSize=1763
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
status
200
expires
Thu, 06 Aug 2020 09:17:34 GMT
cache-control
max-age=14400
cf-ray
5be7a7eb3e090dfe-MXP
cf-request-id
0464a7470500000dfee8040200000001
cf-bgj
minify
5014927a5dbf0855d40cd00.js
cdn.rlets.com/capture_configs/9f2/f60/d18/
170 KB
42 KB
Script
General
Full URL
https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:4000:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad43399788593bd34ed320b3edcb6b78968b46c5fa3ae7ed908a5ddb43eed941

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 15:18:54 GMT
content-encoding
gzip
last-modified
Tue, 04 Aug 2020 14:02:15 GMT
server
AmazonS3
age
64620
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
status
200
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
oMQCIzBIdPGZkKKrsVcYRsDagvUp4Q5UOTpsTGiXE-EPs0Jm2gcMWw==
via
1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront)
logo_2nd_md_white_notag.png
www.2nd.md/assets/webLayout/img/
4 KB
4 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logo_2nd_md_white_notag.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
dbf541e2d286d5962e48c78ddbca0d7f3d83479085c3b45c8c20566d71204221
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
3777
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 30 Jan 2020 11:18:18 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"ec1-59d599d2c98d6"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
activate_icon.png
www.2nd.md/assets/webLayout/icons/
3 KB
4 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/activate_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4fcbbc1c69655d002e8e75ee82a9c7a027802ad77ef0feace7e0a960e92565e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
3198
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"c7e-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
connect_icon.png
www.2nd.md/assets/webLayout/icons/
11 KB
12 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/connect_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
53fc328e55b4402708adb81656504b6e1f740ad9cf57e2d057abe883910a4804
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
11468
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"2ccc-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
consult_icon.png
www.2nd.md/assets/webLayout/icons/
7 KB
7 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/consult_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
41ef7434306dfbbc4c88dce5d5f0c3a225321057c71a6fdf68dcd6a77fe1a4db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
6857
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1ac9-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
play_btn.png
www.2nd.md/assets/webLayout/icons/
6 KB
7 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/play_btn.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c36146a7aabe70aa9836039f03d9b05d1a0ebdf250e7d2aeb85a8556ccb1f896
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
6140
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"17fc-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
innovation_icon.png
www.2nd.md/assets/webLayout/icons/
6 KB
7 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/innovation_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
615ec577e40da7fc8c36c198398f85545ada211009c193134a25742a00dc5945
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
6509
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"196d-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
advantage_rocket_icon.png
www.2nd.md/assets/webLayout/icons/
17 KB
17 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/advantage_rocket_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c31c4221b649eafa1b062de1f7c57404a32e36da89abc05fce901fd749cb2371
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
17132
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"42ec-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
advantage_doctor_icon.png
www.2nd.md/assets/webLayout/icons/
16 KB
16 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/advantage_doctor_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4bccb8073f5220c4cdc04f16f1dbad3e6efed57d476feaaec41e0a8b91c24287
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
16142
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"3f0e-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
boston_children_hospital_logo.png
www.2nd.md/assets/webLayout/img/logos/
15 KB
15 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/boston_children_hospital_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
58864da979d42158f75ff6f7fcacdaf12be6c4f5bcdc5cc626c9f738af894e4c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
15212
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"3b6c-58dddf85e40dc"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
massachusetts_general_hospital_logo.png
www.2nd.md/assets/webLayout/img/logos/
15 KB
16 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/massachusetts_general_hospital_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
39316083a35de397c861785afe9f734380a06e461a9fdd5df106332098b1086d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
15665
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"3d31-58dddf85e601c"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
memorial_sloan_kettering_cancer_center_logo.png
www.2nd.md/assets/webLayout/img/logos/
18 KB
18 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/memorial_sloan_kettering_cancer_center_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
287394b571970a71d1bab5824389aed2caab6443676ddc124db6d31a48b17e2d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
18327
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"4797-58dddf85e601c"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
mayo_clinic_logo.png
www.2nd.md/assets/webLayout/img/logos/
9 KB
10 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/mayo_clinic_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
bbb02d2942779548d4212b7365c11bd01b22211ca57096f70237a60afbb262f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
9430
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"24d6-58dddf85e601c"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
university_of_california_san_francisco_logo.png
www.2nd.md/assets/webLayout/img/logos/
6 KB
7 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/university_of_california_san_francisco_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
4a869a78cbc58da6e10c61c139398e9adefed7ae56ebaa27bab05242ea600dfc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
6264
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1878-58dddf85e601c"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
hospital_for_special_surgery_logo.png
www.2nd.md/assets/webLayout/img/logos/
9 KB
10 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logos/hospital_for_special_surgery_logo.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
40f319fd8fbb1033faf348bb52863da1921472bde9a991fb46f3fbedcb96999f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
9247
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"241f-58dddf85e507c"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
get_it_on_google_play.png
www.2nd.md/assets/webLayout/img/
7 KB
7 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/get_it_on_google_play.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
cc4b54d8fe56ccc9d18e8c8978309e8dd654153e6b71b426245a3c6418d55ff9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
6764
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1a6c-58e0a29ec47f1"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
download_on_the_app_store.png
www.2nd.md/assets/webLayout/img/
4 KB
5 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/download_on_the_app_store.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5088f1fe75b2e1d3bd2a0e403c99510c2824afcfc3b996ff675bd5892c08758c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
4321
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"10e1-58e0a29ec3851"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
logo_2nd_md_white.png
www.2nd.md/assets/webLayout/img/
26 KB
27 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/logo_2nd_md_white.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
9587590381f820bfed471a61ea1a6f29c1e4f32df48ac7d33a79d24ddd02c8ce
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
26881
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 30 Jan 2020 11:18:18 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"6901-59d599d2c98d6"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
fb_icon.png
www.2nd.md/assets/webLayout/icons/
1 KB
2 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/fb_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ebddd17c3cefd87dec926c9e32d15e7dbc331731dbe279fb7fadbfe8aefac5a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
1276
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"4fc-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
twitter_icon.png
www.2nd.md/assets/webLayout/icons/
1 KB
2 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/twitter_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c54fac230b996aaf38ce0a7f7b423c3c386b67b48e769ed7fdf6bd9c054b242c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
1472
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"5c0-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
linkedin_icon.png
www.2nd.md/assets/webLayout/icons/
1 KB
2 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/icons/linkedin_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
afd56241da1a9abe8d650d367e4eb8749664ff103c425f180d17a0b892bf09d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
1338
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"53a-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
4455734.js
js.hs-scripts.com/
793 B
857 B
Script
General
Full URL
https://js.hs-scripts.com/4455734.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4595d10b67565c35cf6b33b55960b3ba67340f528c4e30656a8c54275d77739c

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:53 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
status
200
cf-request-id
0464a7480900000eaf269d8200000001
server
cloudflare
x-trace
2B62723C3C391BFC36C751249A6AF868BA55DEC654000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.2nd.md
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
5be7a7ecd8840eaf-FRA
expires
Thu, 06 Aug 2020 09:16:53 GMT
hotjar-1426662.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.189 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress1
Software
/
Resource Hash
bf95c22668665b7ca0e16cefcf5036867e1b0b2b5f1592a2d3af96bf16636225
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:53 GMT
content-encoding
br
x-content-type-options
nosniff
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
cache-control
max-age=60
etag
W/7bdab5b02c762eff5dd2108057d4acb9
access-control-max-age
600
section-io-origin-status
200
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.020
section-io-id
9512d457ff664df87127814ea95ed618
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
gtm.js
www.googletagmanager.com/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K35W95K
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5dfc69832102207532078d7dd4309ac27971eed792b766c51a4529f6fdb7b7b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:53 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28812
x-xss-protection
0
last-modified
Thu, 06 Aug 2020 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 06 Aug 2020 09:15:53 GMT
371215993
player.vimeo.com/video/ Frame 1206
0
0
Document
General
Full URL
https://player.vimeo.com/video/371215993?title=0&byline=0&portrait=0
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.2nd.md/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/

Response headers

Connection
keep-alive
Content-Length
5229
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 06 Aug 2020 09:25:53 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
0
X-VServer
infra-playproxy-a-8
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 06 Aug 2020 09:15:53 GMT
Age
0
X-Served-By
cache-hhn4032-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1596705354.738487,VS0,VE150
Vary
Accept-Encoding
X-Player-Backend
p
301039111
player.vimeo.com/video/ Frame D115
0
0
Document
General
Full URL
https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.2nd.md/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/

Response headers

Connection
keep-alive
Content-Length
8236
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-dev.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 06 Aug 2020 09:24:18 GMT
Via
1.1 varnish 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 06 Aug 2020 09:15:53 GMT
Age
0
X-Served-By
cache-hhn4056-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1596705354.790714,VS0,VE95
Vary
Accept-Encoding
X-Player-Backend
p
speak-with-top-doctors-2nd-md.jpg
www.2nd.md/assets/webLayout/img/
175 KB
175 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/speak-with-top-doctors-2nd-md.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
110665c0649ece6975c23fe91f3e1ddc2f566f8d01d9a45764f0abb01d8a0e1b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
178703
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"2ba0f-58e0a29ec6731"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
bg-video-home-clint.jpg
www.2nd.md/assets/webLayout/img/
122 KB
122 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/bg-video-home-clint.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
105bf192b0de2fe15283368bf38695910531a3ad5988d0c4aad603713154904f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
124594
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1e6b2-58e0a29ec3851"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
secondmd_experience.jpg
www.2nd.md/assets/webLayout/img/
90 KB
91 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/secondmd_experience.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c8adc59be1a71f699cb475a32ef2ce1b5fcbb8d2ffdc2c526c9294c1ee28d5a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
92581
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 28 Aug 2019 12:26:08 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"169a5-5912c7e5ef035"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31ea5ac7253c4f6cad4e724d9c697a69999f0483e95644e69116bd3c33e9761e

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a10f7d16764f0864117461ba5605694afebce75e73058a8cd0f4d5e441684f1f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
daphne_haas-kogan2.jpg
www.2nd.md/assets/webLayout/img/specialists/
50 KB
50 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/specialists/daphne_haas-kogan2.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
916d6b371bc9d935b474ce2a0f1a90913cc908e531bce28766af7f3b5303767b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
51050
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Jul 2019 17:02:13 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"c76a-58e48099a7bbc"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
andre_panagos2.jpg
www.2nd.md/assets/webLayout/img/specialists/
14 KB
14 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/specialists/andre_panagos2.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5c0dfafc97ec4a923913656f0d7dd60f035ee8a3bf2cbcc5c8bb92a1d2bab035
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
14133
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Jul 2019 17:02:13 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"3735-58e48099a7bbc"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
brian_cole2.jpg
www.2nd.md/assets/webLayout/img/specialists/
41 KB
42 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/specialists/brian_cole2.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2b0ea9c65829c212db24c7b205a602f1744230e36d60f9d5291e154d188b3a2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
42189
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Jul 2019 17:02:13 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"a4cd-58e48099a7bbc"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
leo_wang2.jpg
www.2nd.md/assets/webLayout/img/specialists/
42 KB
43 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/specialists/leo_wang2.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f7ea899852ddc0505456b959021866a598227cf782f5992b61940dca6f3c2ffd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
43044
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 22 Jul 2019 17:02:13 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"a824-58e48099a7bbc"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
secondmd_phone.png
www.2nd.md/assets/webLayout/img/
465 KB
465 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/secondmd_phone.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
f61ffac65404444c155cb5157ca7512145f726382e48f150bfcb055cf252348a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
475736
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"74258-58e0a29ec5791"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/png
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
footer-background.jpg
www.2nd.md/assets/webLayout/img/
118 KB
119 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/footer-background.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
28218abf458dfaa037bdab364a5bbf1e3a3bf0cbaf65d78519ad1f63c110484e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:54 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
120888
X-XSS-Protection
1; mode=block
Last-Modified
Fri, 19 Jul 2019 15:13:07 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"1d838-58e0a29ec47f1"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Content-Type
image/jpeg
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Origin
https://www.2nd.md

Response headers

date
Thu, 09 Jul 2020 04:13:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
2437364
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13464
x-xss-protection
0
expires
Fri, 09 Jul 2021 04:13:09 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Origin
https://www.2nd.md

Response headers

date
Fri, 24 Jul 2020 10:06:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
1120188
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Sat, 24 Jul 2021 10:06:05 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Origin
https://www.2nd.md

Response headers

date
Wed, 15 Jul 2020 20:11:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:41 GMT
server
sffe
age
1861478
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13640
x-xss-protection
0
expires
Thu, 15 Jul 2021 20:11:15 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Origin
https://www.2nd.md

Response headers

date
Fri, 24 Jul 2020 04:57:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:47:06 GMT
server
sffe
age
1138715
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13612
x-xss-protection
0
expires
Sat, 24 Jul 2021 04:57:18 GMT
fa-solid-900.woff2
www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.133.87 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-133-87.us-west-2.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Origin
https://www.2nd.md

Response headers

Date
Thu, 06 Aug 2020 09:15:53 GMT
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Vary
Origin
Content-Length
74328
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 17 Jul 2019 10:29:37 GMT
Server
Apache/2.4.18 (Ubuntu)
X-Frame-Options
SAMEORIGIN
ETag
"12258-58dddf85b2400"
Strict-Transport-Security
max-age=63072000; includeSubdomains;
Access-Control-Allow-Origin
https://www.2nd.md
Content-Secure-Policy
default-src 'self';
Content-Security-Policy
frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Origin
https://www.2nd.md

Response headers

date
Wed, 29 Jul 2020 23:10:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
641108
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 29 Jul 2021 23:10:45 GMT
player.js
player.vimeo.com/api/
18 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93b1524a3b404177560f00be38ccb97fbdc44a0e9ae7061d652d79b6a07f4bfe
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
765
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-3
Content-Length
5776
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4032-HHN
X-Player-Backend
p
Expires
Thu, 06 Aug 2020 09:33:09 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1596705354.969215,VS0,VE0
Date
Thu, 06 Aug 2020 09:15:53 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
1178
storage.html
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/ Frame DAAA
0
0
Document
General
Full URL
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.180.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
:scheme
https
:path
/static/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/

Response headers

status
200
date
Thu, 06 Aug 2020 09:15:54 GMT
content-type
text/html
content-length
2725
last-modified
Wed, 06 May 2020 15:44:03 GMT
modules.9e0dfa53977fdaaa37e1.js
script.hotjar.com/
355 KB
69 KB
Script
General
Full URL
https://script.hotjar.com/modules.9e0dfa53977fdaaa37e1.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.205 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress5
Software
/
Resource Hash
5aa59976259ce2568a094d8d2605551354f43fe4b883c26a4de607b99abe8ba7

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:54 GMT
content-encoding
br
age
15153
status
200
section-io-cache
Hit
content-length
70592
last-modified
Wed, 05 Aug 2020 17:04:19 GMT
etag
"1dc18948738035294e4ca2d8276406b4"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.118
section-io-id
680a224b04689948ddb957e5866f2e86
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
2533
date
Thu, 06 Aug 2020 08:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Thu, 06 Aug 2020 10:33:41 GMT
plugin.js
cdn.chatbot.com/widget/
34 KB
11 KB
Script
General
Full URL
https://cdn.chatbot.com/widget/plugin.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-26.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eeff0d70b416411b6651a537ac0572bfa50befb11af2c20aa829d1fe6915e67

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
SOjBVXsgNVTU2U0wbASoq.qcFFj1p5sx
content-encoding
gzip
last-modified
Tue, 14 Jul 2020 09:24:21 GMT
server
AmazonS3
age
1961
date
Thu, 06 Aug 2020 08:43:14 GMT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=3600
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
qHH98XL7YUkmTC3ozB3dg8-acPOAaeCNNDFQd5tRYKdVZ5K39J4wjg==
via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
4455734.js
js.hs-banner.com/
22 KB
7 KB
Script
General
Full URL
https://js.hs-banner.com/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07710bec6a149dfb0719d7be3f9277697f6287e785ae3e9271887d35ea914ff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=IzyZ9Q==, md5=adEwFPX8FT//S82fo0HeaA==
date
Thu, 06 Aug 2020 09:15:54 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AAANsUn4g8_UGPZszTo5PPFrSeRRJCuHuyK6KEyCxG7wp7jPql4nQ0jE4HilkVSMLnCng2CfpBzv_1SJpmw1KqF056E
x-goog-storage-class
STANDARD
status
200
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
cf-request-id
0464a7494e0000c2f97ab70200000001
timing-allow-origin
*
last-modified
Wed, 27 May 2020 03:37:23 GMT
server
cloudflare
etag
W/"69d13014f5fc153fff4bcd9fa341de68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1590550643056334
access-control-allow-origin
https://www.2nd.md
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
22805
cf-ray
5be7a7eee90ec2f9-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 06 Aug 2020 09:20:54 GMT
4455734.js
js.hs-analytics.net/analytics/1596705300000/
59 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1596705300000/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
966b864bab11f0e78e1ee1ee283092ef6cc12eb650395fcd0d98c042ce09169c

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:54 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
F0867DB96857F135
x-amz-server-side-encryption
AES256
cf-ray
5be7a7eeb9971f35-FRA
status
200
x-amz-id-2
oy5Ani6/ksedWIoHcQHYhN1j7Hsm1qjsdNSaOID9yJaMGHKvyROjQSwVCy6V0znZXO1q+KG4iP0=
last-modified
Mon, 20 Jul 2020 14:49:26 GMT
server
cloudflare
etag
W/"7166c09977a4169d04591364668ecb70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
0464a7493500001f353d103200000001
content-type
text/javascript
expires
Thu, 06 Aug 2020 09:20:54 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=775942440&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2nd.md%2F&ul=en-us&de=UTF-8&dt=2nd.MD%20%7C%20Specializing%20in%20Medical%20Certainty%20%7C%20...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_gid=324681721.1596705354&gjid=81685460&_v=j83&z=878459292
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292&slf_rd=1&random=3659678479
42 B
106 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292&slf_rd=1&random=3659678479
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22644076-1&cid=693504291.1596705354&jid=1125533417&_v=j83&z=878459292&slf_rd=1&random=3659678479
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2CE1
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.205 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress5
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/

Response headers

status
200
date
Thu, 06 Aug 2020 09:15:54 GMT
content-type
text/html
content-length
851
last-modified
Wed, 05 Aug 2020 17:04:15 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.118
section-origin-responded
true
age
9591
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
f8c96711f8642dfa065bf18c2ff61e42
polyfill.js
cdn.chatbot.com/widget/
72 B
387 B
Script
General
Full URL
https://cdn.chatbot.com/widget/polyfill.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-26.fra53.r.cloudfront.net
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:54 GMT
via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
status
200
access-control-allow-methods
GET,HEAD
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-cache
Miss from cloudfront
content-length
72
x-amz-cf-id
qFGyWFbmyR6Jh3wcySjIdXwgA_33VsrImW_FrVmeSnBvZfMjmmmeFQ==
visit-data
in.hotjar.com/api/v2/client/sites/1426662/
178 B
320 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1426662/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.9e0dfa53977fdaaa37e1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.172.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 06 Aug 2020 09:15:54 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
chat.html
cdn.chatbot.com/widget/ Frame 2671
0
0
Document
General
Full URL
https://cdn.chatbot.com/widget/chat.html?id=5d5ec2ba4f2cc853b4813015&v=631
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.26 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-26.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.chatbot.com
:scheme
https
:path
/widget/chat.html?id=5d5ec2ba4f2cc853b4813015&v=631
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/

Response headers

status
200
content-type
text/html; charset=utf-8
content-length
572
last-modified
Tue, 14 Jul 2020 09:24:21 GMT
x-amz-version-id
B__b.hbGtOFi.H4yxMnXINBfjfNemem9
accept-ranges
bytes
server
AmazonS3
date
Thu, 06 Aug 2020 08:43:21 GMT
etag
"87d64fab467dce347a19230c2e9a5ffe"
cache-control
public, max-age=3600
x-cache
Hit from cloudfront
via
1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Jth9CQXz6eS8VAuJmGSaNgx29lPV2bfw9zRH1UMZ5QkfP_l6aKuAdA==
age
1954
originCountry
capture-api.reachlocalservices.com/
36 B
557 B
XHR
General
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.56 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-56.fra53.r.cloudfront.net
Software
/
Resource Hash
556b8a36ce500fd3fed6661f1dcf5e9cdf44a2e5862fb6abf0984ece9c58e6ce

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 06 Aug 2020 09:15:55 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amzn-requestid
3be75508-f5fe-48dc-bb5a-440af79ce161
status
200
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5f2bca4b-44ffe9508b103db027d1aee0;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
Q1yLyGEVvHcFZzQ=
content-length
36
x-amz-cf-id
whHr9K4M6BIWarMynTCGZsNa_yfrzyAFirkq6b7Zdk21oYD4bI7DHQ==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
__ptq.gif
track.hubspot.com/
45 B
528 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2017058934&v=1.1&a=4455734&pu=https%3A%2F%2Fwww.2nd.md%2F&t=2nd.MD+%7C+Specializing+in+Medical+Certainty+%7C+Home&cts=1596705355250&vi=142c6c87ef5a04427d7f2e90252694b8&nc=true&u=112361499.142c6c87ef5a04427d7f2e90252694b8.1596705355247.1596705355247.1596705355247.1&b=112361499.1.1596705355247
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
5be7a7f678bbd6f5-FRA
date
Thu, 06 Aug 2020 09:15:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
0464a74e070000d6f5fa88f200000001
x-robots-tag
none
gannett
um.simpli.fi/
33 B
534 B
XHR
General
Full URL
https://um.simpli.fi/gannett
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e4d4f568e51f6cb3352061fcf4441b3e051b709bd1dd11230aa16a0082da4ca6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 06 Aug 2020 09:15:55 GMT
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
private
x-fb-debug
4efZ9pnYjCHi8en+GNkuTLqTGwl8huVt9sC2CYhtMGSPbGqb+buM+PrAnMqhpkVJi03h5x6Ckz00JaXxNgKcoA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 06 Aug 2020 09:15:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private
expires
Sat, 01 Jan 2000 00:00:00 GMT
3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
tag.simpli.fi/sifitag/
2 KB
3 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b0.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 06 Aug 2020 09:15:55 GMT
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
1998
x-request-id
FiijD605hAxZ9RK9yySB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
2314438768818997
connect.facebook.net/signals/config/
522 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2314438768818997?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e72688e86a353de99d551a9ac3fe04392336d8dad69492fcb241389413a2f39c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
89ztz4jVz2D43+Lek2X2RSABUL0fwKgsl6rf5Bk0zaaAjm+fe3v7DlffbLelC3GnwuH8MJkS8kjUYE1zOz5Flw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 06 Aug 2020 09:15:55 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
260 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2314438768818997&ev=PageView&dl=https%3A%2F%2Fwww.2nd.md%2F&rl=&if=false&ts=1596705355674&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596705355673.1695386469&it=1596705355568&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 06 Aug 2020 09:15:55 GMT
visits
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/api/v1/
142 B
543 B
XHR
General
Full URL
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/api/v1/visits
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.180.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
858b9f7b7bcc39309051d659c7256f8f84f28b336ecfd94544ea9e0dd248b289
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-runtime
0.006765
date
Thu, 06 Aug 2020 09:15:56 GMT
status
200
etag
W/"9696743013dd7f4e38eb4851a15b2961"
x-frame-options
ALLOWALL
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
access-control-allow-headers
Content-Type
x-request-id
7b2b1d5d-c6a7-4c6d-a8eb-30496bac10aa
p
i.simpli.fi/
749 B
1 KB
Script
General
Full URL
https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/3f25cc00-b9ab-0134-0eba-0cc47a63c1a4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b3.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
488c7ee3ac2556cbba10e2c6bca6494248134eb33b14f366fc32c69fa63e7545
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
application/javascript; charset=UTF-8
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=87EDF4D056964721BFF92F178D718F41
43 B
182 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=87EDF4D056964721BFF92F178D718F41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:93eb:750:9e98:59c2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 06 Aug 2020 09:15:56 GMT
server
Apache-Coyote/1.1
content-type
image/gif
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://simplifi.partners.tremorhub.com/sync?UISF=87EDF4D056964721BFF92F178D718F41
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:56 GMT
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2314438768818997&ev=Microdata&dl=https%3A%2F%2Fwww.2nd.md%2F&rl=&if=false&ts=1596705356178&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%222nd.MD%20%7C%20Specializing%20in%20Medical%20Certainty%20%7C%20Home%22%2C%22meta%3Adescription%22%3A%222nd.MD%20offers%20you%20medical%20second%20opinions%20with%20virtual%20online%20consultations%22%2C%22meta%3Akeywords%22%3A%22Ask%20doctor%2C%20second%20opinion%2C%20second%20opinion%20medical%2C%20medical%20advice%2C%20health%20advice%2C%20Ask%20medical%20questions%2C%20health%20questions%2C%20online%20medical%20help%2C%20medical%20advice%20online%2C%20medical%20symptoms%2C%20online%20treatment%20options%2C%20medical%20help%2C%20medical%20terminology%20help%2C%20medical%20help%20sites%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%222nd.MD%20%7C%20Specializing%20in%20Medical%20Certainty%20%7C%20Home%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%222nd.MD%20offers%20you%20medical%20second%20opinions%20with%20virtual%20online%20consultations%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1596705355673.1695386469&it=1596705355568&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 06 Aug 2020 09:15:56 GMT
aa_px
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=87EDF4D056964721BFF92F178D718F41
  • https://um.simpli.fi/aa_px?sk=164860603505000498421
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/aa_px?sk=164860603505000498421
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 Aug 2020 09:15:56 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:56 GMT
server
AAWebServer
status
302
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://um.simpli.fi/aa_px?sk=164860603505000498421
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
nexage
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/nexage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 Aug 2020 09:15:56 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=87EDF4D056964721BFF92F178D718F41
43 B
866 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=87EDF4D056964721BFF92F178D718F41
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:56 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
XkHpV1ZxgO1eICMchP_wDhp-JF6MfhhTusy5qrhU7ahw77r6kL-h7g==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=87EDF4D056964721BFF92F178D718F41
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:56 GMT
pubmatic
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 Aug 2020 09:15:56 GMT
freewheel
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:56 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 Aug 2020 09:15:56 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=87EDF4D056964721BFF92F178D718F41;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=87EDF4D056964721BFF92F178D718F41;mimetype=img;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2141202535548406645
43 B
863 B
Image
General
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2141202535548406645
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-27.fra53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
_xvn9tA6ceK25_wtfCmaf-RawkAiOHyPZoZofVLVQXJ7VGCsPxYeGg==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:56 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
anserver
gapp-eu-4.c.datonics-gcp-01.internal
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2141202535548406645
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
pixel.gif
load77.exelator.com/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=87EDF4D056964721BFF92F178D718F41&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=87EDF4D056964721BFF92F178D718F41&j=0&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
296 B
Image
General
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.46 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
frankfurt-44.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-nzt
AcO1ryxUhZT943kGAA==
date
Thu, 06 Aug 2020 09:15:57 GMT
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-edge-pop
frankfurtDE
etag
"59f0c3fc-2b"
status
200
x-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-edge-ip
195.181.175.44
x-age
424419
accept-ranges
bytes
content-length
43

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
server
nginx
x-powered-by
Undertow/1
status
302
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
yahoo
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
status
200
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 05 Aug 2020 09:15:57 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=87EDF4D056964721BFF92F178D718F41
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=87EDF4D056964721BFF92F178D718F41
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.133.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 06 Aug 2020 09:19:59 GMT

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://sync.bfmio.com/sync?pid=141&uid=87EDF4D056964721BFF92F178D718F41
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:57 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=87EDF4D056964721BFF92F178D718F41
62 B
329 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=87EDF4D056964721BFF92F178D718F41
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
92.123.150.214 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-150-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:57 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
4d34
Content-Type
image/gif

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://stags.bluekai.com/site/29931?id=87EDF4D056964721BFF92F178D718F41
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:57 GMT
tpid=EBE2196FC8D8412FA1FEFD86773D36B9
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9
49 B
715 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.234.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
status
200
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.29.144
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
status
302
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=EBE2196FC8D8412FA1FEFD86773D36B9
cache-control
no-cache
x-server
10.45.23.70
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Aug 2020 09:15:57 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 Aug 2020 09:15:57 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=2&3pid=EBE2196FC8D8412FA1FEFD86773D36B9&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=EBE2196FC8D8412FA1FEFD86773D36B9
0
66 B
Image
General
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=EBE2196FC8D8412FA1FEFD86773D36B9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.245.222 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
451
date
Thu, 06 Aug 2020 09:15:57 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://idsync.rlcdn.com/419566.gif?partner_uid=EBE2196FC8D8412FA1FEFD86773D36B9
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:57 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1596705356009&cv=7&fst=1596705356009&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=fa...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_v...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vt...
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TcorX-L0K-PG7_UP3LqGyAo&random=2776338848&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=338181247&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TcorX-L0K-PG7_UP3LqGyAo&random=2776338848&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://um.simpli.fi/spotx_match
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9&__user_check__=1&sync_id=702330fd-d7c5-11ea-adbf-1f932c7f2806
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9&__user_check__=1&sync_id=702330fd-d7c5-11ea-adbf-1f932c7f2806
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 06 Aug 2020 09:15:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
87
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 06 Aug 2020 09:15:57 GMT
Server
nginx
Location
/partner?adv_id=7797&uid=EBE2196FC8D8412FA1FEFD86773D36B9&__user_check__=1&sync_id=702330fd-d7c5-11ea-adbf-1f932c7f2806
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
103
Connection
keep-alive
Content-Length
0
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBE2196FC8D8412FA1FEFD86773D36B9
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBE2196FC8D8412FA1FEFD86773D36B9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 06 Aug 2020 09:15:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.52:80
AN-X-Request-Uuid
d1fc17ba-7887-4b37-9dc5-c0a7f2c10d29
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 06 Aug 2020 09:15:57 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 726.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.84:80
AN-X-Request-Uuid
bcac65ea-e973-45b6-b704-dc3dc00622e4
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DEBE2196FC8D8412FA1FEFD86773D36B9
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/
Redirect Chain
  • https://um.simpli.fi/cw_match
  • https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=EBE2196FC8D8412FA1FEFD86773D36B9
49 B
530 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=EBE2196FC8D8412FA1FEFD86773D36B9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status
200
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://bh.contextweb.com/bh/rtset?do=add&pid=537085&ev=EBE2196FC8D8412FA1FEFD86773D36B9
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:57 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBE2196FC8D8412FA1FEFD86773D36B9&expires=365
42 B
772 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBE2196FC8D8412FA1FEFD86773D36B9&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
x-content-type-options
nosniff
server
nginx
status
302
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EBE2196FC8D8412FA1FEFD86773D36B9&expires=365
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 05 Aug 2020 09:15:57 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.191.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:57 GMT
via
1.1 google
server
OXGW/16.191.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 06 Aug 2020 09:15:57 GMT
via
1.1 google
server
OXGW/16.191.0
status
302
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=EBE2196FC8D8412FA1FEFD86773D36B9
alt-svc
clear
content-length
0
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESEIKL5C5IKOiDFMYKbE05vCE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EBE2196FC8D8412FA1FEFD86773D36B9
  • https://um.simpli.fi/g_match?id=
0
320 B
Image
General
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 06 Aug 2020 09:15:58 GMT
x-content-type-options
nosniff
status
204
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Wed, 05 Aug 2020 09:15:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 06 Aug 2020 09:15:58 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://um.simpli.fi/g_match?id=
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| bootstrap object| Vimeo boolean| VimeoPlayerResizeEmbeds_ string| base_url boolean| isMobile boolean| isClient boolean| isSpecialist boolean| isCareUser boolean| isAdmin function| hj object| _hjSettings object| dataLayer function| kf_ping function| kf_trackback boolean| h_v object| kf_data string| a string| csrf_token_name string| csrf_token_value object| rl_widget_cfg object| RLCAP object| google_tag_manager object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| GoogleAnalyticsObject function| ga object| __be object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _hsp boolean| _hspb_loaded object| BE_API object| _hsq object| _paq boolean| _hstc_loaded boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime function| fbq function| _fbq object| RL object| sifi_att_42656

14 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl541939138.1155525810
.2nd.md/ Name: __hssc
Value: 112361499.1.1596705355247
.2nd.md/ Name: __hssrc
Value: 1
.2nd.md/ Name: __hstc
Value: 112361499.142c6c87ef5a04427d7f2e90252694b8.1596705355247.1596705355247.1596705355247.1
www.2nd.md/ Name: _hjIncludedInSample
Value: 1
.2nd.md/ Name: _hjid
Value: 9be462e8-c954-4656-a398-75f14c9fc6c4
.2nd.md/ Name: hubspotutk
Value: 142c6c87ef5a04427d7f2e90252694b8
.2nd.md/ Name: _gat
Value: 1
.2nd.md/ Name: _gid
Value: GA1.2.324681721.1596705354
www.2nd.md/ Name: ci_session
Value: t1hg9f8ll0oav84t7qoltmdu7evs3bi3
www.2nd.md/ Name: csrftokencookie
Value: df4f26533701f7519b64413942f01f84
.2nd.md/ Name: _ga
Value: GA1.2.693504291.1596705354
.www.2nd.md/ Name: kf_ch
Value: d5928c2e-6609-459c-e68b-151d9e0921fc
www.2nd.md/ Name: ROUTEID
Value: .newatlas

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' www.2nd.md 2nd.md admin.2nd.md
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
aa.agkn.com
bcp.crwdcntrl.net
bh.contextweb.com
capture-api.reachlocalservices.com
cdn.chatbot.com
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
load77.exelator.com
loadm.exelator.com
ping.kickfactory.com
pixel.rubiconproject.com
player.vimeo.com
script.hotjar.com
simplifi.partners.tremorhub.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.simpli.fi
track.hubspot.com
um.simpli.fi
us-u.openx.net
vars.hotjar.com
www.2nd.md
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.31.79.120
143.204.202.26
143.204.202.27
143.204.202.56
147.75.100.189
147.75.100.205
147.75.102.200
151.101.112.217
169.50.137.176
169.50.137.179
169.50.137.190
172.217.16.130
172.217.23.162
185.33.221.88
185.94.180.125
195.181.175.46
198.148.27.139
216.52.2.48
2600:1901:0:8eee::
2600:1f18:612b:4264:93eb:750:9e98:59c2
2600:9000:214f:4000:6:9a19:88c0:93a1
2606:4700::6811:45b0
2606:4700::6811:d4cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2a00:1450:4001:800::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:817::2004
2a00:1450:4001:819::2002
2a00:1450:4001:824::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.233.133.91
35.176.206.104
35.244.159.8
35.244.245.222
52.30.234.204
52.35.133.87
54.68.180.26
54.72.172.61
69.173.144.139
92.123.150.214
0843900120977b5d77b87ae738a718eba1f4b3b51cbc096c492435825668d8e9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
105bf192b0de2fe15283368bf38695910531a3ad5988d0c4aad603713154904f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110665c0649ece6975c23fe91f3e1ddc2f566f8d01d9a45764f0abb01d8a0e1b
14f905acd15b4da4e764b68c55c3ceade618305bda35619229827f6e820af273
28218abf458dfaa037bdab364a5bbf1e3a3bf0cbaf65d78519ad1f63c110484e
287394b571970a71d1bab5824389aed2caab6443676ddc124db6d31a48b17e2d
2b0ea9c65829c212db24c7b205a602f1744230e36d60f9d5291e154d188b3a2b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30b0db73e73dc03aac73080f5a39f05779109a9b338300138fde0a9f90f4efc4
31ea5ac7253c4f6cad4e724d9c697a69999f0483e95644e69116bd3c33e9761e
39316083a35de397c861785afe9f734380a06e461a9fdd5df106332098b1086d
3c73ed04e4c30d6b432f87e89d804610fa6acd9c7d7ac1bb8ba5e021878008ec
40f319fd8fbb1033faf348bb52863da1921472bde9a991fb46f3fbedcb96999f
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
41ef7434306dfbbc4c88dce5d5f0c3a225321057c71a6fdf68dcd6a77fe1a4db
4595d10b67565c35cf6b33b55960b3ba67340f528c4e30656a8c54275d77739c
488c7ee3ac2556cbba10e2c6bca6494248134eb33b14f366fc32c69fa63e7545
4a869a78cbc58da6e10c61c139398e9adefed7ae56ebaa27bab05242ea600dfc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bccb8073f5220c4cdc04f16f1dbad3e6efed57d476feaaec41e0a8b91c24287
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcbbc1c69655d002e8e75ee82a9c7a027802ad77ef0feace7e0a960e92565e6
5088f1fe75b2e1d3bd2a0e403c99510c2824afcfc3b996ff675bd5892c08758c
53fc328e55b4402708adb81656504b6e1f740ad9cf57e2d057abe883910a4804
556b8a36ce500fd3fed6661f1dcf5e9cdf44a2e5862fb6abf0984ece9c58e6ce
58864da979d42158f75ff6f7fcacdaf12be6c4f5bcdc5cc626c9f738af894e4c
5aa59976259ce2568a094d8d2605551354f43fe4b883c26a4de607b99abe8ba7
5c0dfafc97ec4a923913656f0d7dd60f035ee8a3bf2cbcc5c8bb92a1d2bab035
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dfc69832102207532078d7dd4309ac27971eed792b766c51a4529f6fdb7b7b8
5eeff0d70b416411b6651a537ac0572bfa50befb11af2c20aa829d1fe6915e67
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
615ec577e40da7fc8c36c198398f85545ada211009c193134a25742a00dc5945
858b9f7b7bcc39309051d659c7256f8f84f28b336ecfd94544ea9e0dd248b289
916d6b371bc9d935b474ce2a0f1a90913cc908e531bce28766af7f3b5303767b
93b1524a3b404177560f00be38ccb97fbdc44a0e9ae7061d652d79b6a07f4bfe
9587590381f820bfed471a61ea1a6f29c1e4f32df48ac7d33a79d24ddd02c8ce
966b864bab11f0e78e1ee1ee283092ef6cc12eb650395fcd0d98c042ce09169c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10f7d16764f0864117461ba5605694afebce75e73058a8cd0f4d5e441684f1f
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad43399788593bd34ed320b3edcb6b78968b46c5fa3ae7ed908a5ddb43eed941
afd56241da1a9abe8d650d367e4eb8749664ff103c425f180d17a0b892bf09d1
bbb02d2942779548d4212b7365c11bd01b22211ca57096f70237a60afbb262f4
bf95c22668665b7ca0e16cefcf5036867e1b0b2b5f1592a2d3af96bf16636225
c31c4221b649eafa1b062de1f7c57404a32e36da89abc05fce901fd749cb2371
c36146a7aabe70aa9836039f03d9b05d1a0ebdf250e7d2aeb85a8556ccb1f896
c54fac230b996aaf38ce0a7f7b423c3c386b67b48e769ed7fdf6bd9c054b242c
c8adc59be1a71f699cb475a32ef2ce1b5fcbb8d2ffdc2c526c9294c1ee28d5a7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc4b54d8fe56ccc9d18e8c8978309e8dd654153e6b71b426245a3c6418d55ff9
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d3b220e9cc7f7b6c5ff0281103e70384c5d8ef17aefabcabf082961e7e48fc7d
dbf541e2d286d5962e48c78ddbca0d7f3d83479085c3b45c8c20566d71204221
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
e07710bec6a149dfb0719d7be3f9277697f6287e785ae3e9271887d35ea914ff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d4f568e51f6cb3352061fcf4441b3e051b709bd1dd11230aa16a0082da4ca6
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e72688e86a353de99d551a9ac3fe04392336d8dad69492fcb241389413a2f39c
e8c0eda8021c7013fc1fa6f5e459d91f1f040a2a08624705bd709a6c20a6ac94
ebddd17c3cefd87dec926c9e32d15e7dbc331731dbe279fb7fadbfe8aefac5a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61ffac65404444c155cb5157ca7512145f726382e48f150bfcb055cf252348a
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f7ea899852ddc0505456b959021866a598227cf782f5992b61940dca6f3c2ffd
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955