Submitted URL: https://sendy.2nd.md/l/892UfKcOHCoPba7639DyEahl6w/GQgLrNWbkne3ffz6U96DCA/ZUW763bTrZW2SmClnMDXWpjw
Effective URL: https://www.2nd.md/activate/step1/ameriprise
Submission: On March 11 via manual from IN

Summary

This website contacted 28 IPs in 3 countries across 22 domains to perform 62 HTTP transactions. The main IP is 50.112.129.4, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.2nd.md.
TLS certificate: Issued by Amazon on October 21st 2020. Valid for: a year.
This is the only time www.2nd.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.13.85.226 16509 (AMAZON-02)
13 50.112.129.4 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.21.21.56 13335 (CLOUDFLAR...)
2 151.101.112.217 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 44.236.216.146 16509 (AMAZON-02)
1 65.9.96.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 65.9.58.120 16509 (AMAZON-02)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 65.9.96.51 16509 (AMAZON-02)
1 13.226.159.56 16509 (AMAZON-02)
5 151.101.14.109 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 151.101.64.217 54113 (FASTLY)
1 34.120.202.204 15169 (GOOGLE)
2 34.75.237.118 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
62 28
Domain Requested by
13 www.2nd.md www.2nd.md
9 cdn.chatbot.com www.2nd.md
cdn.chatbot.com
4 fonts.gstatic.com fonts.googleapis.com
3 f.vimeocdn.com player.vimeo.com
2 liqadprdct-capture-prod-east.gannettdigital.com cdn.rlets.com
2 vimeo.com f.vimeocdn.com
www.2nd.md
2 i.vimeocdn.com player.vimeo.com
2 bat.bing.com www.googletagmanager.com
www.2nd.md
2 www.google-analytics.com www.2nd.md
www.google-analytics.com
2 player.vimeo.com www.2nd.md
2 ping.kickfactory.com www.2nd.md
ping.kickfactory.com
2 fonts.googleapis.com www.2nd.md
cdn.chatbot.com
1 track.hubspot.com
1 www.vimeo.com 1 redirects
1 fresnel.vimeocdn.com f.vimeocdn.com
1 forms.hsforms.com www.2nd.md
1 js.hs-analytics.net js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google.de www.2nd.md
1 www.google.com www.2nd.md
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.2nd.md
1 static.hotjar.com www.2nd.md
1 9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com cdn.rlets.com
1 js.hs-scripts.com www.2nd.md
1 cdn.rlets.com www.2nd.md
1 sendy.2nd.md 1 redirects
62 30

This site contains no links.

Subject | Issuer | Validity | Valid
2nd.md | Amazon | 2020-10-21 - 2021-11-19 | a year
*.rlets.com | Amazon | 2021-01-29 - 2022-02-27 | a year
upload.video.google.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-18 - 2021-07-18 | a year
vimeo.map.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-08-07 - 2021-04-24 | 9 months
*.hotjar.com | Amazon | 2020-12-25 - 2022-01-23 | a year
*.google-analytics.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months
*.gstatic.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months
*.google.com | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months
chatbot.com | Amazon | 2020-09-26 - 2021-10-28 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2021-01-19 - 2021-07-19 | 6 months
*.g.doubleclick.net | GTS CA 1O1 | 2021-02-23 - 2021-05-18 | 3 months
www.google.com | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
www.google.de | GTS CA 1O1 | 2021-02-17 - 2021-05-12 | 3 months
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-03-09 - 2021-04-17 | a month
fresnel.vimeocdn.com | GTS CA 1D2 | 2021-01-16 - 2021-04-16 | 3 months
*.gannettdigital.com | R3 | 2021-01-20 - 2021-04-20 | 3 months
hubspot.com | Cloudflare Inc ECC CA-3 | 2020-07-27 - 2021-07-27 | a year

This page contains 5 frames:

Primary Page: https://www.2nd.md/activate/step1/ameriprise
Frame ID: 88383EE4167D7F7AD216B83B0F711C78
Requests: 44 HTTP requests in this frame

Frame: https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Frame ID: 18B82C58879242B15B7875B57917982E
Requests: 1 HTTP request in this frame

Frame: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Frame ID: 54C2F626DFC43A0A398854C0B8AB704B
Requests: 9 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: DBA31496799CB8671A893FF2BA30D03C
Requests: 1 HTTP request in this frame

Frame: https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
Frame ID: 9F337BB84BBE6A785343688456F54B39
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

62 Requests
98 % HTTPS
54 % IPv6
22 Domains
30 Subdomains
28 IPs
3 Countries
1934 kB Transfer
3335 kB Size
20 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sendy.2nd.md/l/892UfKcOHCoPba7639DyEahl6w/GQgLrNWbkne3ffz6U96DCA/ZUW763bTrZW2SmClnMDXWpjw HTTP 302
    https://www.2nd.md/activate/step1/ameriprise Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/301039111&callback=vimeoCallback HTTP 301
  • https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/301039111

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ameriprise
www.2nd.md/activate/step1/
Redirect Chain
  • https://sendy.2nd.md/l/892UfKcOHCoPba7639DyEahl6w/GQgLrNWbkne3ffz6U96DCA/ZUW763bTrZW2SmClnMDXWpjw
  • https://www.2nd.md/activate/step1/ameriprise
37 KB
38 KB
Document
General
Full URL
https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
052b6cb29380737041b0cce6bfa84d1275efcd9f33fe6df94b7fc95243a75ca9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

:method
GET
:authority
www.2nd.md
:scheme
https
:path
/activate/step1/ameriprise
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:02 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=v/JrbaDgX6Bs0ihOcahZp0QPZMwL5xL3/wnOvkFx75Fu5B6RjYDe8ojyrsSd9pc3LZnRZT/UFHYQdnLxCPZBgsqb2LNRCT2pfesqmCewVsF5qT+0GUQgj3+soKAQ; Expires=Thu, 18 Mar 2021 19:11:01 GMT; Path=/ AWSALBCORS=v/JrbaDgX6Bs0ihOcahZp0QPZMwL5xL3/wnOvkFx75Fu5B6RjYDe8ojyrsSd9pc3LZnRZT/UFHYQdnLxCPZBgsqb2LNRCT2pfesqmCewVsF5qT+0GUQgj3+soKAQ; Expires=Thu, 18 Mar 2021 19:11:01 GMT; Path=/; SameSite=None; Secure csrftokencookie=2c4af6478ab3d9f2e259483e02d76b99; expires=Thu, 11-Mar-2021 21:11:01 GMT; Max-Age=7200; path=/; secure; HttpOnly;Secure;HttpOnly ci_session=03f6m7s1e44n14o6rn8fkbft31aglo27; expires=Thu, 11-Mar-2021 21:11:01 GMT; Max-Age=7200; path=/; secure; HttpOnly;Secure;HttpOnly
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Origin

Redirect headers

date
Thu, 11 Mar 2021 19:11:01 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.2nd.md/activate/step1/ameriprise
set-cookie
AWSALB=tKPDUUXkAh2BwcS420Xj6hZV8u61QrPsmhM3mvyumKzhfyNIuYWCFxxy3qVkG/rkDk9S71g8QfUduBDGvM2WG5sTa6RJPM7wMfh4Ob1oYVnTFjC7iXHxzDP1YCaD; Expires=Thu, 18 Mar 2021 19:11:01 GMT; Path=/ AWSALBCORS=tKPDUUXkAh2BwcS420Xj6hZV8u61QrPsmhM3mvyumKzhfyNIuYWCFxxy3qVkG/rkDk9S71g8QfUduBDGvM2WG5sTa6RJPM7wMfh4Ob1oYVnTFjC7iXHxzDP1YCaD; Expires=Thu, 18 Mar 2021 19:11:01 GMT; Path=/; SameSite=None; Secure
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips
jquery-3.5.1.js
www.2nd.md/assets/webLayout/js/
281 KB
282 KB
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/jquery-3.5.1.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
text/javascript
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
287630
bootstrap.bundle.js
www.2nd.md/assets/webLayout/js/
218 KB
218 KB
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/bootstrap.bundle.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
text/javascript
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
222911
5014927a5dbf0855d40cd00.js
cdn.rlets.com/capture_configs/9f2/f60/d18/
173 KB
43 KB
Script
General
Full URL
https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9c00:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1484a8eaa2effb23723b2af0a6c7a90cff3ae887f9ae025366a3a72b20bf50c4

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 13:26:36 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 09:19:44 GMT
server
AmazonS3
age
20667
etag
W/"82a269323f5bae6f6fc1abec1c81d725"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
YXizLLmPHhcKGytDP_hRJlcNZoo2qWFeFnEqNUfKbFMXe3KOqUTsew==
important.js
www.2nd.md/assets/webLayout/js/
0
495 B
Script
General
Full URL
https://www.2nd.md/assets/webLayout/js/important.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
text/javascript
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
0
common.js
www.2nd.md/assets/js/mobile/
11 KB
11 KB
Script
General
Full URL
https://www.2nd.md/assets/js/mobile/common.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
7693c2bed1448cb71fadae83840d4e547ad45496024df61441a3aaeeb8a33d44
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Wed, 18 Nov 2020 20:32:24 GMT
server
Apache
vary
Origin
content-type
text/javascript
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
11021
css
fonts.googleapis.com/
8 KB
851 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5687d114d8a082667dc72818f2e0b35ce1407ab77ff5fb75686bdbef348d93b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 19:11:02 GMT
server
ESF
date
Thu, 11 Mar 2021 19:11:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 19:11:02 GMT
bootstrap.min.css
www.2nd.md/assets/webLayout/css/
152 KB
153 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/css/bootstrap.min.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
text/css
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
155758
all.css
www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/
67 KB
68 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
text/css
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
69105
webLayout.css
www.2nd.md/assets/webLayout/css/
98 KB
99 KB
Stylesheet
General
Full URL
https://www.2nd.md/assets/webLayout/css/webLayout.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
11fc71eb12aabfa034dd5c4c3da4fc682c440e7e90a0a5440bc3791e67e0c9f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
last-modified
Thu, 11 Mar 2021 19:11:03 GMT
server
Apache
vary
Origin
content-type
text/css
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
100550
ping.js
ping.kickfactory.com/
1 KB
1 KB
Script
General
Full URL
https://ping.kickfactory.com/ping.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-polished
origSize=1763
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c44c290c00001d0aed1b9000000001
last-modified
Mon, 12 Jun 2017 16:02:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7QTtbJzJbkPU3xPdZN0w6rlAyh4xgScIKfLWJqeY618Aa66f749tnv13Ggum4Ci29TU9kQkTzvTxkFL5mC2GKGFYQ4yjugSp4F%2FLINq66fOhJdVRrA%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
62e71621ae161d0a-CPH
expires
Thu, 11 Mar 2021 19:11:24 GMT
plain-banner.png
www.2nd.md/assets/images/
4 KB
4 KB
Image
General
Full URL
https://www.2nd.md/assets/images/plain-banner.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
064778e998427e1b24a5cdfcc4838be182c768a10336202cc85c18e169ad9bac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/activate/step1/ameriprise
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
last-modified
Thu, 10 Sep 2020 23:23:16 GMT
server
Apache
vary
Origin
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
4023
player.js
player.vimeo.com/api/
19 KB
7 KB
Script
General
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
0
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
332
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-11
Content-Length
5898
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4034-HHN
X-Player-Backend
p
Expires
Thu, 11 Mar 2021 19:35:32 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1615489864.955317,VS0,VE0
Date
Thu, 11 Mar 2021 19:11:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
804
4455734.js
js.hs-scripts.com/
1 KB
975 B
Script
General
Full URL
https://js.hs-scripts.com/4455734.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479dc918606316a4daa729299082c78f4cccdb03ee620be9c95d0caade2b703c

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2BD5852B48F958457677A71AD821543987A14D8324000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.2nd.md
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
62e71621ae8e4e0e-FRA
cf-request-id
08c44c290800004e0e4a2e1000000001
expires
Thu, 11 Mar 2021 19:12:04 GMT
storage.html
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/ Frame 18B8
2 KB
2 KB
Document
General
Full URL
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.216.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-216-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
39338642e93add0d3f85c0180151fd08d409cb808f02f0415d0923c7d25bdebb

Request headers

:method
GET
:authority
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
:scheme
https
:path
/static/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2nd.md/

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-type
text/html
content-length
1997
last-modified
Fri, 18 Dec 2020 19:58:09 GMT
hotjar-1426662.js
static.hotjar.com/c/
3 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ab0be6aca2c38dcf2e6c4c38072e5db51f17521aaa41831835bb744e3890bf8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
PRG50-C1
etag
W/98d2f819bf62961893c81963e64875b2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1550
via
1.1 a1c66294cb416b399374a845b97656d3.cloudfront.net (CloudFront)
x-amz-cf-id
zO2vmpng7saL_B8KtJCABMRsbOUosZUqNpLhJta1XL-uh79eHpg9Gg==
gtm.js
www.googletagmanager.com/
130 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K35W95K
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
865646bc9e9ec67b6e30fcf79c1f08cb52cab78216a790a50df1126e58103ed8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43570
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 11 Mar 2021 19:11:03 GMT
speak-with-top-doctors-2nd-md.jpg
www.2nd.md/assets/webLayout/img/
175 KB
175 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/speak-with-top-doctors-2nd-md.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/css/webLayout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
110665c0649ece6975c23fe91f3e1ddc2f566f8d01d9a45764f0abb01d8a0e1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
image/jpeg
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
178703
between.png
www.2nd.md/assets/webLayout/img/
8 KB
8 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/between.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/css/webLayout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
8418b3b7645a8ab6bdb1700ec40a1d0b94db6bc15ffcbc7bc6080d5028685c96
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
image/png
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
8071
truncated
/
344 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b012ca337e2f330f041f4d584c6af72b72cdb9cd23545ea078cdf5058bf1b06

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
login-activate-image.jpg
www.2nd.md/assets/webLayout/img/
122 KB
122 KB
Image
General
Full URL
https://www.2nd.md/assets/webLayout/img/login-activate-image.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/css/webLayout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
027103551e004a58b369a64eb386a1a99f204853c7f14746e1336d2938a5ce08
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
content-type
image/jpeg
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
124587
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.2nd.md
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 10:28:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
463346
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19480
x-xss-protection
0
expires
Sun, 06 Mar 2022 10:28:37 GMT
fa-solid-900.woff2
www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/
73 KB
73 KB
Font
General
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.129.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-112-129-4.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Origin
https://www.2nd.md
Referer
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
vary
Origin
access-control-allow-origin
https://www.2nd.md
strict-transport-security
max-age=63072000; includeSubdomains;
accept-ranges
bytes
content-length
74328
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.2nd.md
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:52 GMT
server
sffe
age
602978
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19172
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.2nd.md
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
260356
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 08 Mar 2022 18:51:47 GMT
301039111
player.vimeo.com/video/ Frame 54C2
0
0

analytics.js
www.google-analytics.com/
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6159
date
Thu, 11 Mar 2021 17:28:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Thu, 11 Mar 2021 19:28:25 GMT
plugin.js
cdn.chatbot.com/widget/
9 KB
4 KB
Script
General
Full URL
https://cdn.chatbot.com/widget/plugin.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vDdKjpKpi4cArBOeeWpZKaCU.Y4pX8h7
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 12:20:28 GMT
server
AmazonS3
age
2574
etag
W/"8853ce597d0917584ec866d09152eb43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Thu, 11 Mar 2021 18:28:10 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
vdDQVSwQeo8fxSsZFpCZnH2TVZYCp-VKdRDy_Zp2Z_Gps9zm5XS3Ug==
bat.js
bat.bing.com/
28 KB
9 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K35W95K
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
gzip
last-modified
Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref
Ref A: 3CE1C327A20840CC8622518282534CF2 Ref B: FRAEDGE1406 Ref C: 2021-03-11T19:11:04Z
etag
"804e75f6fd11d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8562
301039111
player.vimeo.com/video/ Frame 54C2
15 KB
13 KB
Document
General
Full URL
https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9bc048f78c6324827583cd4afe131754aecd158d6268efa576169d503b159455
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.2nd.md/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
10621
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Thu, 11 Mar 2021 19:12:18 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Thu, 11 Mar 2021 19:11:04 GMT
Age
0
X-Served-By
cache-hhn4040-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1615489864.145624,VS0,VE121
Vary
Accept-Encoding
X-Player-Backend
p
collect
www.google-analytics.com/j/
4 B
67 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1062559099&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2nd.md%2Factivate%2Fstep1%2Fameriprise&ul=en-us&de=UTF-8&dt=2nd.MD%7C%20Membership%20%7C%20Activate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1230052498&gjid=563712687&cid=864656625.1615489864&tid=UA-22644076-1&_gid=827973059.1615489864&_r=1&_slc=1&z=612637377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 19:11:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.2nd.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
93 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=NNNNNN&tm=gtm001&Ver=2&mid=27ec544f-4581-41cd-b9f7-3a8cd349ae58&sid=8660a720829d11ebba1953fe74d4e83c&vid=8660cd30829d11eb8c411330dd84d055&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=2nd.MD%7C%20Membership%20%7C%20Activate&kw=Ask%20doctor,%20second%20opinion,%20second%20opinion%20medical,%20medical%20advice,%20health%20advice,%20Ask%20medical%20questions,%20health%20questions,%20online%20medical%20help,%20medical%20advice%20online,%20medical%20symptoms,%20online%20treatment%20options,%20medical%20help,%20medical%20terminology%20help,%20medical%20help%20sites&p=https%3A%2F%2Fwww.2nd.md%2Factivate%2Fstep1%2Fameriprise&r=&lt=3383&evt=pageLoad&msclkid=N&sv=1&rn=279904
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 11 Mar 2021 19:11:04 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: BC3906F204D94CAABD8DFEDF76B250FA Ref B: FRAEDGE1406 Ref C: 2021-03-11T19:11:04Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-22644076-1&cid=864656625.1615489864&jid=1230052498&gjid=563712687&_gid=827973059.1615489864&_u=IEBAAEAAAAAAAC~&z=995802279
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 11 Mar 2021 19:11:04 GMT
content-type
text/plain
access-control-allow-origin
https://www.2nd.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-22644076-1&cid=864656625.1615489864&jid=1230052498&_u=IEBAAEAAAAAAAC~&z=1480262533
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 19:11:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-22644076-1&cid=864656625.1615489864&jid=1230052498&_u=IEBAAEAAAAAAAC~&z=1480262533
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Mar 2021 19:11:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.33a772c48beaa5222edf.js
script.hotjar.com/
217 KB
58 KB
Script
General
Full URL
https://script.hotjar.com/modules.33a772c48beaa5222edf.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.96.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9bd71240933790c0dc85d69741a3b0bcfef32a44b46ce8893d2541ecaee2db72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Mar 2021 16:20:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
528656
x-cache
Hit from cloudfront
content-length
58652
access-control-allow-origin
*
last-modified
Fri, 05 Mar 2021 16:19:37 GMT
etag
"a93d27db17b2296071120e76a2ccbea0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PRG50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
VmE1QlQ0BJojYO9mb45qNBbP1hT_VmAPfIe4-n71QT1AvwgGDGYabQ==
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame DBA3
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-56.dus51.r.cloudfront.net
Software
/
Resource Hash
66f396314193bfe4809457b6c8004d026e3c503befe550e29ea068667f84ce39

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
et7_FRZyzdQMOrnE98AqxYwpTtb1SDaVEme9p4yO4BaZvJHjh6Zqrg==
age
9339001
polyfill.js
cdn.chatbot.com/widget/
72 B
393 B
Script
General
Full URL
https://cdn.chatbot.com/widget/polyfill.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 18:48:24 GMT
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
age
1360
access-control-allow-methods
GET,HEAD
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
content-length
72
x-amz-cf-id
sZfYMiOqfWP9ADsddK_PJ--97LApyDfpVLMgMI_ApVH0ndFYB8V7LA==
settings.json
cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/
2 KB
1 KB
Fetch
General
Full URL
https://cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/settings.json
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
380ee64cf288aef5676771b624696f56868bbaa844c7a953649dc16d583e9e59

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mjJKtZuNFzm3_iBA_sjFi.8lClDV2dLq
content-encoding
gzip
etag
W/"c24869a9a32913471874f83c6b4cd028"
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 09 Jan 2020 16:44:00 GMT
server
AmazonS3
date
Thu, 11 Mar 2021 19:11:04 GMT
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
cache-control
public, max-age=30
x-amz-cf-id
MLX_IfEaFv2j8ElpROvWmq5jwtphbPH_jYVyxhxCXJkAhtdiZS_mVQ==
739532180.jpg
i.vimeocdn.com/video/ Frame 54C2
2 KB
2 KB
Image
General
Full URL
https://i.vimeocdn.com/video/739532180.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5d082518d56e7518d95b096b391e43e97ebebe0ce44d69cd60fe7d662a0843a2

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
1850142
etag
41d677db2d839e65f24de100506552c9
x-served-by
cache-dfw18667-DFW, cache-fra19171-FRA
x-cache
miss, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-timer
S1615489864.429350,VS0,VE1
x-backend-server
varnish
content-length
1709
viewmaster-server
viewmaster-us-central1-6w3v
x-cache-hits
2, 1
player.js
f.vimeocdn.com/p/3.24.17/js/ Frame 54C2
612 KB
144 KB
Script
General
Full URL
https://f.vimeocdn.com/p/3.24.17/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
199dd00b539a14db6dabe80e285db52e3dcaaf129ff7cc282f39eba7e5f777f4

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
via
1.1 varnish, 1.1 varnish
age
518256
x-guploader-uploadid
ABg5-UwdmwlakD3gUYbdwcmuS_JJM0SEKfxL47C9aQitwL0TQUpwNqmkaZU0WvboTI1hIQ1-uX4BGcuvy_JVHcuT5Mc2DQWvFw
x-cache
HIT, HIT
content-encoding
br
content-length
147458
x-served-by
cache-bwi5120-BWI, cache-fra19164-FRA
last-modified
Fri, 05 Mar 2021 17:54:32 GMT
server
UploadServer
x-timer
S1615489864.430411,VS0,VE0
etag
"cf8eea28b20d00c89836662b7978e650"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
2, 141412
player.css
f.vimeocdn.com/p/3.24.17/css/ Frame 54C2
159 KB
17 KB
Stylesheet
General
Full URL
https://f.vimeocdn.com/p/3.24.17/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
6b6b4128d463875ca45df804c0c952487c94745bce3430cd0d05d92c588df58e

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
via
1.1 varnish, 1.1 varnish
age
518256
x-guploader-uploadid
ABg5-UzKxZ3IjJ4j2UCBNXs8dSHPhpA8oEJCQaVTRUUcY8ukhXKxAjYZrT7loHtNFHEAMLa3W02TUepti22HLTzQ6lcgXS9uHA
x-cache
MISS, HIT
content-encoding
br
content-length
17422
x-served-by
cache-bwi5165-BWI, cache-fra19164-FRA
last-modified
Fri, 05 Mar 2021 17:54:33 GMT
server
UploadServer
x-timer
S1615489864.430441,VS0,VE0
etag
"1b221a32a53bd052faa1978e63d43ae6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 272824
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 54C2
3 KB
2 KB
Script
General
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
5eb2a7e57775f9c1d99a0ac3a75ff94fd893c56703b6b15e40e14c31ccf9b3ad

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
gzip
age
21941003
x-cache
HIT, HIT
x-cache-hits
1, 295561
content-length
1215
x-served-by
cache-bwi5132-BWI, cache-fra19164-FRA
last-modified
Tue, 30 Jun 2020 18:34:52 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1615489864.430397,VS0,VE0
etag
"a51-5a9516e540b00"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-vimeo-dc
ge
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jun 2030 20:27:40 GMT
4455734.js
js.hs-banner.com/
59 KB
15 KB
Script
General
Full URL
https://js.hs-banner.com/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50819221ddbb8906a1ccdd0ca64c2d25ead21f29302d4f89475a117ad8ad661a

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
S48C3H9T7FBNVCE2
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
bNKwmYHS23634iVejIII7BTF1z8LSEqdYFwBihhN+d7Y6ChGXgauFgTwZSNgBhXJ1q3oW+f2QoY=
timing-allow-origin
*
last-modified
Tue, 09 Mar 2021 21:23:13 GMT
server
cloudflare
etag
W/"21714ddcad2063bdadfa7f84b127bb31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
Fk4aH9tcxvnrYnhy._4DZMCmFkH6J90c
access-control-allow-origin
https://www.2nd.md
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
08c44c2ac400002b359d8ea000000001
cf-ray
62e7162468102b35-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Thu, 11 Mar 2021 19:16:04 GMT
collectedforms.js
js.hscollectedforms.net/
81 KB
24 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f259c2327291fd5e68aa4ca0534851223b92e98a899004cfd1011ded9a0ce52c

Request headers

Origin
https://www.2nd.md
Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
via
1.1 224f09e9c236b40d399a8b2851ac0069.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
10026
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.233/bundles/project.js&cfRay=62e621609c48d6d9-IAD
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
08c44c2ac100004a67071fb000000001
cf-ray
62e716246d6f4a67-FRA
last-modified
Fri, 05 Mar 2021 01:14:37 UTC
server
cloudflare
etag
W/"a602783565325058f8a9337405866365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
hQzE7ksb9fEoU_Lhcxj5iunit0RvpCrN
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Zt25tC16ZHac20249V3Qf0OpUXQ78AjuGsGDRHSsSqZ7DBJTjPSXhQ==
4455734.js
js.hs-analytics.net/analytics/1615489800000/
61 KB
19 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1615489800000/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33ed271ba1c6abb21699875ffc5d4a0ceb230b6277055dcba6b3a0966bca7d2b

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
XJ31BP779ABDHGNE
x-amz-server-side-encryption
AES256
cf-ray
62e716247c45d6cd-FRA
x-amz-id-2
aiFjs4hhqpk6jqsENgIxjdaOnoJXnA6HHmQelaMl1piD5wi0PDyuWUsHB+r+2tmm8pcMi/M+f6Q=
last-modified
Tue, 23 Feb 2021 22:27:58 GMT
server
cloudflare
etag
W/"27baf06e4c87ce5fcb406c7201be8ab9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-request-id
08c44c2ace0000d6cdc11d6000000001
content-type
text/javascript
expires
Thu, 11 Mar 2021 19:16:04 GMT
plugin.js
cdn.chatbot.com/widget/v1/
34 KB
11 KB
Script
General
Full URL
https://cdn.chatbot.com/widget/v1/plugin.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8111f90017eda0c4ae0803c54777f26ff4d04adbdf84b4a7045567c54b443c27

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
6_0El6eZnWyd01ECr1wesSMqz0BHG7xl
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 12:20:29 GMT
server
AmazonS3
age
1315
etag
W/"fde17e8c9564bf75634810cce5b9135c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Thu, 11 Mar 2021 18:49:10 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Zmxw-V1l5iXo2-QFYURgOhygeWpvTioEJgKneltI6C4KJpfBddDlFw==
counters.gif
forms.hsforms.com/embed/v3/
35 B
297 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2B50511215F96B125BD81F6419AF525A4CB935EC29000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
62e71624cba5c2f4-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
cf-request-id
08c44c2afa0000c2f422255000000001
chat.html
cdn.chatbot.com/widget/v1/ Frame 9F33
593 B
990 B
Document
General
Full URL
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
993251ea057f1c8634241cabb569d0a170748574bc2d5362686409136a8cc914

Request headers

:method
GET
:authority
cdn.chatbot.com
:scheme
https
:path
/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.2nd.md/

Response headers

content-type
text/html; charset=utf-8
content-length
593
last-modified
Fri, 12 Feb 2021 12:20:29 GMT
x-amz-version-id
fXLmusHeCXDwTWRFNw0eGqW0bWYLmGyy
accept-ranges
bytes
server
AmazonS3
date
Thu, 11 Mar 2021 18:41:37 GMT
cache-control
public, max-age=3600
etag
"72ac7a7f305ba86367407a475026992d"
x-cache
Hit from cloudfront
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
R2Ibo9nHlfEOOpbVJvAXyPlZhImT9vpBtgsffpXiOLLN47vVKajwXw==
age
1767
vuid
vimeo.com/ablincoln/ Frame 54C2
0
790 B
Other
General
Full URL
https://vimeo.com/ablincoln/vuid?pid=267e5626dd00debc7a70e9c30ff41cb2376bc2601615489864
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5155-BWI, cache-cph20637-CPH
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1615489865.519392,VS0,VE117
X-Frame-Options
sameorigin
Date
Thu, 11 Mar 2021 19:11:04 GMT
Vary
User-Agent
Expires
Thu, 11 Mar 2021 07:11:04 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v8994-w9xw5
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
ping
ping.kickfactory.com/
155 B
541 B
Script
General
Full URL
https://ping.kickfactory.com/ping?action=step-1&domain=www.2nd.md&ch=01b50e4e-9bc9-447b-b25c-6950eca8057f&url=https%3A//www.2nd.md/activate/step1/ameriprise&title=2nd.MD%7C%20Membership%20%7C%20Activate
Requested by
Host: ping.kickfactory.com
URL: https://ping.kickfactory.com/ping.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
2faaaa71c8edc3b9bb063f69a2f6c675d7834d1ef054eb28a0943a35149eb5ec

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ux1wJsb4tCv0F4f34DsFdAy5b4HAHRs9%2FYqeU8Rw8HJ6WcUMq%2B1%2B26bS8SGVDsiBbCfDbIl5rHd1dG3XN6RlJ%2FuKXnL2ZbU48xRl%2Fkzrq%2Bo6zp2nWw%3D%3D"}]}
content-type
text/html; charset=UTF-8
cache-control
max-age=120
cf-ray
62e7162508991d0a-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08c44c2b2700001d0a9d060000000001
expires
Thu, 11 Mar 2021 19:13:04 GMT
polyfill.js
cdn.chatbot.com/widget/ Frame 9F33
72 B
392 B
Script
General
Full URL
https://cdn.chatbot.com/widget/polyfill.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Origin
https://cdn.chatbot.com
Referer
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 18:31:09 GMT
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
age
2395
access-control-allow-methods
GET,HEAD
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C1
content-length
72
x-amz-cf-id
njGw4Y0KbNOLaoTxrQs2b3fklmkf10Fuxm9rd3Js9qPIZH3nQe9d9Q==
chat.b05591bdfb440062b42c.css
cdn.chatbot.com/widget/v1/ Frame 9F33
32 KB
5 KB
Stylesheet
General
Full URL
https://cdn.chatbot.com/widget/v1/chat.b05591bdfb440062b42c.css
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
67f263e7575695255917c71d9c6861f68dce0f7a55c99378f16e60c3047562a4

Request headers

Referer
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dlqdUE6HnAAkfIs55JNaeRubKRfFYOLg
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 12:20:29 GMT
server
AmazonS3
age
3373
etag
W/"34729693d563803115e464bbf8ce2f68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Thu, 11 Mar 2021 18:14:52 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nAMoqITwb12dHjx6muygNqewN46OeS5cccWYrlrSvpn_CmWuggwiZA==
chat.js
cdn.chatbot.com/widget/v1/ Frame 9F33
218 KB
71 KB
Script
General
Full URL
https://cdn.chatbot.com/widget/v1/chat.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5688edc685062599b3a64491f624a0c03fd5cd57fe161ddd0566f8619ac2e75f

Request headers

Referer
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
u1kJAs9IFEHPs241ytVi3aKiDFWUyHLL
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 12:20:29 GMT
server
AmazonS3
age
276
etag
W/"e4bac82acd105c32c5fa3f98e694165b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Thu, 11 Mar 2021 19:06:28 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Vz3vIlgN-tAcoxWfRoVZRFR3o-uBARC59b3RpuMLYkq0uJoj03lkxg==
739532180.webp
i.vimeocdn.com/video/ Frame 54C2
89 KB
89 KB
Image
General
Full URL
https://i.vimeocdn.com/video/739532180.webp
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0&api=1&player_id=thePowerOf2ndMdIFrames
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
749a0c1856412ddfa6ca8e45febeae5304130a88e5b75d588dd1246a76b1be3b

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
717486
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
90828
viewmaster-server
viewmaster-us-central1-0nnq
x-served-by
cache-dfw18654-DFW, cache-fra19171-FRA
x-timer
S1615489865.617133,VS0,VE1
etag
301d3842ea0e66e758c529e7dffa4fce
x-viewmaster-webp-format
lossy
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame 54C2
0
110 B
Other
General
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=267e5626dd00debc7a70e9c30ff41cb2376bc2601615489864
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.24.17/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 11 Mar 2021 19:11:04 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
css
fonts.googleapis.com/ Frame 9F33
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/chat.b05591bdfb440062b42c.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0c6270c06376a439c78b771536429905666d4899fea1561e7d9a4b1d8a2eca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.chatbot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 18:00:38 GMT
server
ESF
date
Thu, 11 Mar 2021 19:11:04 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 11 Mar 2021 19:11:04 GMT
insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/
0
541 B
XHR
General
Full URL
https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.75.237.118 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.237.75.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 11 Mar 2021 19:11:05 GMT
x-content-type-options
nosniff
transfer-encoding
chunked
x-envoy-upstream-service-time
6
vary
Origin
x-xss-protection
1; mode=block
x-request-id
f12d6a7e-a2ec-41e4-bfa9-a69cada7f1b3
x-runtime
0.003310
server
envoy
x-frame-options
SAMEORIGIN
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
no-cache
insights
liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/ Frame
0
0
Preflight
General
Full URL
https://liqadprdct-capture-prod-east.gannettdigital.com/capture_logger/api/v1/insights
Protocol
HTTP/1.1
Server
34.75.237.118 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.237.75.34.bc.googleusercontent.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.2nd.md
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 11 Mar 2021 19:11:04 GMT
content-type
text/plain
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS, PATCH
access-control-expose-headers
access-control-max-age
1728000
access-control-allow-headers
content-type
x-envoy-upstream-service-time
3
server
envoy
transfer-encoding
chunked
oembed.json
vimeo.com/api/
Redirect Chain
  • https://www.vimeo.com/api/oembed.json?url=https://vimeo.com/301039111&callback=vimeoCallback
  • https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/301039111
991 B
2 KB
Script
General
Full URL
https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/301039111
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/activate/step1/ameriprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3019a583f3ba419a09dc4faec4ef37b4071123b1c698cd5b10634932fdbda6ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Varnish-Cache
1
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
0
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-VServer
infra-webproxy-a-7
Content-Length
535
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=edge
Access-Control-Allow-Origin
*
Last-Modified
Wed, 10 Mar 2021 21:54:23 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1615489865.885335,VS0,VE102
Date
Thu, 11 Mar 2021 19:11:04 GMT
X-Served-By
cache-bwi5130-BWI, cache-cph20637-CPH
X-Frame-Options
sameorigin
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
X-BApp-Server
pweb-v8994-lwqd9
Etag
"9fc48b432c9e9acf7ea956cfceba4d911edad878-gzip"
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0, 0

Redirect headers

X-Varnish-Cache
1
Date
Thu, 11 Mar 2021 19:11:04 GMT
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Age
0
X-Cache
MISS, MISS
Connection
keep-alive
X-VServer
infra-webproxy-a-5
Content-Length
300
X-Served-By
cache-bwi5156-BWI, cache-cph20651-CPH
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1615489865.761600,VS0,VE98
Content-Type
text/html; charset=iso-8859-1
Location
https://vimeo.com/api/oembed.json?callback=vimeoCallback&url=https://vimeo.com/301039111
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
X-Cache-Hits
0, 0
settings.json
cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/ Frame 9F33
2 KB
1 KB
XHR
General
Full URL
https://cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/settings.json
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/chat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
380ee64cf288aef5676771b624696f56868bbaa844c7a953649dc16d583e9e59

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=682
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mjJKtZuNFzm3_iBA_sjFi.8lClDV2dLq
content-encoding
gzip
last-modified
Thu, 09 Jan 2020 16:44:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"c24869a9a32913471874f83c6b4cd028"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
via
1.1 afb3db4ac63e94a7684b97827417941d.cloudfront.net (CloudFront)
cache-control
public, max-age=30
date
Thu, 11 Mar 2021 19:11:05 GMT
x-amz-cf-id
y1qS2jDhSBTrHTpfuoZdFCRffSYcs-yyKyXrk3L7iUTFiwIHXqTzHQ==
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 9F33
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://cdn.chatbot.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 10 Mar 2021 23:19:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
71471
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Thu, 10 Mar 2022 23:19:53 GMT
__ptq.gif
track.hubspot.com/
45 B
851 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2176140176&v=1.1&a=4455734&pu=https%3A%2F%2Fwww.2nd.md%2Factivate%2Fstep1%2Fameriprise&t=2nd.MD%7C+Membership+%7C+Activate&cts=1615489865009&vi=30a6e984aaca008f862fd5b877287e9f&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2nd.md/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:11:05 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
62e716287fa34ebc-FRA
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
cf-request-id
08c44c2d4b00004ebc03b26000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dTaU9jQ20WeKiEs6R7Ax0UY3ivRl3Vg1aAkcO%2FNWPzGnmricoYA4Mx%2Fh5IOznzjvX3X7QGgnMno0BcFH%2F2TjXkH%2BkvbLFQY5LUSsN2etOYed9DCNXBo52wRy8aOyJA%3D%3D"}],"max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.vimeo.com
URL
https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0


89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap object| rl_widget_cfg object| RLCAP function| checkNotifications function| closeNotifications function| postData function| validateFields function| checkValidity function| isNumberKey function| htmlEntitiesDecode string| base_url boolean| isMobile boolean| isClient boolean| isSpecialist boolean| isCareUser boolean| isAdmin function| hj object| _hjSettings object| dataLayer object| kf_data string| csrf_token_name string| csrf_token_value object| Vimeo boolean| VimeoPlayerResizeEmbeds_ string| GoogleAnalyticsObject function| ga object| __be object| google_tag_manager object| google_tag_data object| uetq function| onYouTubeIframeAPIReady object| videoLabels object| lastP object| _playerTitle object| _playerAuthor object| _playerAuthorURL object| _playerUploadDate function| init function| updateUrl function| onMessageReceived function| post function| getLabel function| getVimeoInfo function| vimeoCallback function| onReady function| onPlay function| onPause function| onPlayProgress object| gaplugins object| gaGlobal object| gaData function| UET object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| _hsp object| BE_CONFIG object| __hsCollectedFormsDebug object| _hsq object| BE_API function| kf_ping function| kf_trackback boolean| h_v string| a object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran

20 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1682630009.1777578168
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/ Name: test
Value: test
.2nd.md/ Name: __hssc
Value: 112361499.1.1615489865006
.2nd.md/ Name: __hssrc
Value: 1
.2nd.md/ Name: __hstc
Value: 112361499.30a6e984aaca008f862fd5b877287e9f.1615489865006.1615489865006.1615489865006.1
.2nd.md/ Name: _hjid
Value: 06e4c9d2-25e1-4f50-9257-32cf19cd9d19
.www.2nd.md/ Name: kf_ch
Value: 01b50e4e-9bc9-447b-b25c-6950eca8057f
www.2nd.md/ Name: csrftokencookie
Value: 2c4af6478ab3d9f2e259483e02d76b99
.2nd.md/ Name: _gcl_au
Value: 1.1.833801751.1615489864
.2nd.md/ Name: _ga
Value: GA1.2.864656625.1615489864
.2nd.md/ Name: _hjTLDTest
Value: 1
.2nd.md/ Name: _hjFirstSeen
Value: 1
www.2nd.md/ Name: AWSALBCORS
Value: IKi+UEx5+2eZ2Wj989iKdXnm0XQgVzWFK1Hn94dizOnNC1dosLUmvZxoaksJgb5z6oVYN8D7c6judd433FTjo2Gc6E3PTEsvSs5z8iLx/1h6j6P2FvrPc+IHiVoP
.2nd.md/ Name: _uetvid
Value: 8660cd30829d11eb8c411330dd84d055
.2nd.md/ Name: _uetsid
Value: 8660a720829d11ebba1953fe74d4e83c
www.2nd.md/ Name: ci_session
Value: 03f6m7s1e44n14o6rn8fkbft31aglo27
.2nd.md/ Name: hubspotutk
Value: 30a6e984aaca008f862fd5b877287e9f
www.2nd.md/ Name: AWSALB
Value: IKi+UEx5+2eZ2Wj989iKdXnm0XQgVzWFK1Hn94dizOnNC1dosLUmvZxoaksJgb5z6oVYN8D7c6judd433FTjo2Gc6E3PTEsvSs5z8iLx/1h6j6P2FvrPc+IHiVoP
.2nd.md/ Name: _gat
Value: 1
.2nd.md/ Name: _gid
Value: GA1.2.827973059.1615489864

1 Console Messages

Source: console-api
Level: warning
URL: https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html (Line 1)
Message: TypeError: Cannot read property 'getItem' of null

Security Headers

This section lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
