hellomedian.com Open in urlscan Pro
2606:4700:30::681c:1c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hellomedian.com/
Effective URL:
https://hellomedian.com/
Submission: On June 18 via manual (June 18th 2019, 3:21:04 pm UTC) from GB

Summary HTTP 68 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 68 HTTP transactions. The main IP is 2606:4700:30::681c:1c2, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is hellomedian.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 15th 2019. Valid for: 6 months.

This is the only time hellomedian.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:30:... 2606:4700:30::681c:1c2	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	151.139.128.10 151.139.128.10	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
7	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	52.222.167.29 52.222.167.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
10	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2.16.186.18 2.16.186.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.40.58.131 52.40.58.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.89.139.175 52.89.139.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	34.236.200.201 34.236.200.201	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
68	16

24 2606:4700:30::681c:1c2 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hellomedian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hellomedian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

js-cdn.hellomedian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hellomedian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:4e42::622 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.167.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-167-29.fra54.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE - Google LLC, US)

fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.18 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.58.131 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-40-58-131.us-west-2.compute.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.139.175 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-139-175.us-west-2.compute.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.200.201 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-236-200-201.compute-1.amazonaws.com

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	hellomedian.com hellomedian.com js-cdn.hellomedian.com cdn.hellomedian.com app.hellomedian.com	342 KB
10	gstatic.com fonts.gstatic.com	108 KB
9	wistia.com fast.wistia.com distillery.wistia.com pipedream.wistia.com	228 KB
7	akamaihd.net embedwistia-a.akamaihd.net	686 KB
5	fullstory.com fullstory.com rs.fullstory.com	123 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	596 B
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	driftt.com js.driftt.com	44 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	180 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	googletagmanager.com www.googletagmanager.com	19 KB
68	13

	Domain	Requested by
23	hellomedian.com	hellomedian.com
10	fonts.gstatic.com	hellomedian.com
7	embedwistia-a.akamaihd.net	hellomedian.com fast.wistia.com
7	fast.wistia.com	hellomedian.com fast.wistia.com
3	rs.fullstory.com	fullstory.com
3	js-cdn.hellomedian.com	hellomedian.com js-cdn.hellomedian.com
2	fg8vvsvnieiv3ej16jby.litix.io	fast.wistia.com
2	fullstory.com	hellomedian.com fullstory.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	js.driftt.com	hellomedian.com js.driftt.com
2	fonts.googleapis.com	hellomedian.com
1	app.hellomedian.com	js-cdn.hellomedian.com
1	pipedream.wistia.com	fast.wistia.com
1	distillery.wistia.com	fast.wistia.com
1	cdn.hellomedian.com	js-cdn.hellomedian.com
1	www.google.de	hellomedian.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	hellomedian.com
68	19

This site contains links to these domains. Also see Links.

Domain
app.hellomedian.com
www.chatbeacon.io
prospectify.io
recruiterbox.com
blog.hellomedian.com
www.youtube.com
business.facebook.com
www.linkedin.com
twitter.com

Subject Issuer	Validity	Valid
sni24213.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-15` - `2019-12-22`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-11` - `2019-09-03`	3 months	crt.sh
js-cdn.hellomedian.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-22` - `2019-08-20`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
drift.com Amazon	`2018-10-17` - `2019-11-17`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.fullstory.com COMODO RSA Domain Validation Secure Server CA	`2017-12-27` - `2021-03-26`	3 years	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
cdn.hellomedian.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-21` - `2019-08-19`	3 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.wistia.com DigiCert SHA2 Secure Server CA	`2017-03-27` - `2020-06-24`	3 years	crt.sh
*.litix.io Amazon	`2019-01-22` - `2020-02-22`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://hellomedian.com/
Frame ID: D0530177B19EB0507FD7A75875C54023
Requests: 66 HTTP requests in this frame

Frame: https://js-cdn.hellomedian.com/widget.a65dbf6.css
Frame ID: 26D5812EBA205A5D2E9509CC212A142F
Requests: 4 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: B534B3FC52305240C17B6CB0FDA5E158
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hellomedian.com/ HTTP 307
https://hellomedian.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

68
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

16
IPs

4
Countries

1572 kB
Transfer

3256 kB
Size

8
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://app.hellomedian.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://app.hellomedian.com/agents/sign_up
Title: Try It Free

Search URL Search Domain Scan URL

URL: https://www.chatbeacon.io/

Search URL Search Domain Scan URL

URL: https://prospectify.io/
Title: Prospectify

Search URL Search Domain Scan URL

URL: https://recruiterbox.com/
Title: RecruiterBox

Search URL Search Domain Scan URL

URL: https://blog.hellomedian.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=8jC7NKkjCe0
Title: Something Completely Different

Search URL Search Domain Scan URL

URL: https://business.facebook.com/hellomedian/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/18061473/

Search URL Search Domain Scan URL

URL: https://twitter.com/median

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hellomedian.com/ HTTP 307
https://hellomedian.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1567097865&t=pageview&_s=1&dl=https%3A%2F%2Fhellomedian.com%2F&ul=en-us&de=UTF-8&dt=Median%20%7C%20Simple%20CoBrowsing%20for%20Support%20Teams&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1980694449&gjid=1654824339&cid=792712044.1560871248&tid=UA-100896075-1&_gid=1990741638.1560871248&_r=1&gtm=2wg651WHNB674&z=988082486 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_gid=1990741638.1560871248&gjid=1654824339&_v=j76&z=988082486 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486&slf_rd=1&random=685176460

68 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hellomedian.com/
Redirect Chain

http://hellomedian.com/
https://hellomedian.com/

22 KB
7 KB

552ms
504ms

Document
text/html

2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19b10836b3ef27431bea4f069ed0999767bb49868fd333570155485f66ec883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: hellomedian.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 18 Jun 2019 15:20:47 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d90c4cad43b911a10282acaf7d67dcf811560871247; expires=Wed, 17-Jun-20 15:20:47 GMT; path=/; domain=.hellomedian.com; HttpOnly; Secure
vary: Accept-Encoding Accept-Encoding
link: <https://hellomedian.com/wp-json/>; rel="https://api.w.org/"
x-fw-server: Flywheel/4.1.0
x-fw-hash: znp7pndkta
x-cacheable: NO:Not Cacheable
x-fw-serve: TRUE
x-cache: MISS
x-fw-static: NO
x-fw-type: VISIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e8e3fcfae1bbef1-FRA
content-encoding: br

Redirect headers

Location: https://hellomedian.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 main.css
hellomedian.com/wp-content/themes/median/css/cobrowse/ 60 KB
11 KB 138ms
137ms Stylesheet
text/css 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/wp-content/themes/median/css/cobrowse/main.css?ver=2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e36499f4f33fc3d2bb394e748fd404df64fd5d7898e0b7ce3b6cb22abb354ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-ee86"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
cf-ray: 4e8e3fd2dc9dbef1-FRA

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

d971cf1b65037409f71e8e9c39282b9b4ebcb2308e89a852a40a9cc259fd1a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Jun 2019 15:20:47 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 18 Jun 2019 15:20:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 18 Jun 2019 15:20:47 GMT

GET
H2 200 jquery.main.js Show response
hellomedian.com/wp-content/themes/median/js/ 34 KB
9 KB 60ms
59ms Script
application/javascript 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/wp-content/themes/median/js/jquery.main.js?ver=2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d74b9a096ba310863ffc48620c92df5848a339985fb436f98978eb09884754f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-88ed"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 1
cf-ray: 4e8e3fd2dca1bef1-FRA

GET
H2 200 loader.js Show response
js-cdn.hellomedian.com/ 7 KB
3 KB 177ms
26ms Script
application/javascript 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.hellomedian.com/loader.js
Requested by: Host: hellomedian.com
URL: https://hellomedian.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06a49f04f5c6120ccd16f21df59727ff4d864fb082ebc7bc71105e0ef1e94601

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 16:34:20 GMT
server: AmazonS3
x-amz-request-id: 36AEF40548D386A7
etag: "63f0f175d86a2ea89ec2c980005c0d42"
x-hw: 1560871247.cds046.lo4.hn,1560871247.cds100.lo4.c
content-type: application/javascript
status: 200
cache-control: public, max-age=120
x-amz-version-id: dfKA6IUtmj8dH0ptG4u9_qVatMUbBmOE
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2772
x-amz-id-2: 8TFDKjzoHpu+mej62pP27IoTNg3ca3P3Rb1ZYGdhbOyWfJsAQLfgXPlKw3AT0WYa6hKFDxITG60=

GET
H2 200 bundle.js Show response
hellomedian.com/wp-content/themes/median/js/dist/ 40 KB
14 KB 17ms
17ms Script
application/javascript 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/wp-content/themes/median/js/dist/bundle.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc09bc8df5aae48f38b9524b49290ace7040ba5d71ef45caf5d5d0eeff6cf332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-a0b9"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
cf-ray: 4e8e3fd35d76bef1-FRA

GET
H2 200 logo.svg
hellomedian.com/wp-content/themes/median/images/ 2 KB
1 KB 42ms
41ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/logo.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97d204c8ca0067df33c7f32190ff8277e5f1257a1c0369f55966283afa3d24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-96b"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 6
cf-ray: 4e8e3fd37db1bef1-FRA

GET
H2 200 intro-img.png
hellomedian.com/wp-content/themes/median/images/ 14 KB
14 KB 98ms
96ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/intro-img.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

623d9baef9d857e510a06ad3d51a9d62982693bac2a0248c8e6c3454f9df07ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14604
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-390c"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 7
accept-ranges: bytes
cf-ray: 4e8e3fd3ce3abef1-FRA

GET
H2 200 qjj5v1ooxm.jsonp Show response
fast.wistia.com/embed/medias/ 7 KB
2 KB 73ms
22ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/qjj5v1ooxm.jsonp

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

786884cfe52acb7b674157bf151c7ce478b5cf2c182dbf4201cd098b2d6b6d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77143
x-cache: MISS, HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status: 200
strict-transport-security: max-age=0
content-length: 1851
via: 1.1 varnish, 1.1 varnish
x-request-id: 42f61ab63949d75479c1504d12373b1d
x-served-by: cache-sea1046-SEA, cache-fra19181-FRA
x-runtime: 0.167951
x-browser-version: 74
x-timer: S1560871248.012686,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
link: <https://embedwistia-a.akamaihd.net>; rel=preconnect; crossorigin
x-cache-hits: 0, 1, 1

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 565 KB
108 KB 53ms
6ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

0a6f90992713e28094e29c2b86c652a18a4602405c512ed6562c35b4e6bbd3c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
age: 2101
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 109697
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1037-SEA, cache-fra19181-FRA
x-browser-version: 74
last-modified: Tue, 18 Jun 2019 13:42:16 GMT
x-timer: S1560871248.012725,VS0,VE0
etag: "5d08ea38-1ac81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 229

GET
H2 200 intercom-logo.png
hellomedian.com/wp-content/themes/median/images/ 122 KB
122 KB 32ms
19ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/intercom-logo.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

313b83415da115c777461cb15fa8c53355acb8bcb8d125782e830e3e09d0c42b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 124910
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-1e7ee"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
accept-ranges: bytes
cf-ray: 4e8e3fd3de63bef1-FRA

GET
H2 200 chatbeacon.svg
hellomedian.com/wp-content/themes/median/images/ 5 KB
2 KB 28ms
16ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/chatbeacon.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ea9eb275ad382a9113cfdf035dbfb631a0053df892493e891c8b5d185d09c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-14fd"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
cf-ray: 4e8e3fd3de69bef1-FRA

GET
H2 200 zendesk-logo.svg
hellomedian.com/wp-content/themes/median/images/ 2 KB
1 KB 123ms
111ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/zendesk-logo.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ea82fde0e01eeca282937e9e793f2b57d06389357b625a8a7b1d8dcf18e9b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-908"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 6
cf-ray: 4e8e3fd3de6abef1-FRA

GET
H2 200 live-chat-logo.png
hellomedian.com/wp-content/themes/median/images/ 5 KB
5 KB 163ms
152ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/live-chat-logo.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c50f61ad5c2e6b7a6697615a462a60fdfbdd14ac9f43d1cb43ec467af71a206e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5063
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-13c7"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
accept-ranges: bytes
cf-ray: 4e8e3fd3de6cbef1-FRA

GET
H2 200 pricing-tab.png
hellomedian.com/wp-content/themes/median/images/ 7 KB
7 KB 28ms
17ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/pricing-tab.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e52f0d1413c6186b24922307e6fa1c3a5197993fc3239a1f7ac5dfbf78ead492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6857
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-1ac9"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 6
accept-ranges: bytes
cf-ray: 4e8e3fd3de6dbef1-FRA

GET
H2 200 img-1.svg
hellomedian.com/wp-content/themes/median/images/ 4 KB
1 KB 36ms
25ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/img-1.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a2352a265e92c77f07367a5c2ae71c8340edbe72af0d074478fe4969bd66a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-fbb"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 8
cf-ray: 4e8e3fd3de6ebef1-FRA

GET
H2 200 img-2.svg
hellomedian.com/wp-content/themes/median/images/ 6 KB
2 KB 38ms
27ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/img-2.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9cbbd446b457b359ff99c81731ea9d46681b4ad5b78cda282c02a59743f4db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-1741"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 6
cf-ray: 4e8e3fd3de6fbef1-FRA

GET
H2 200 josh.jpg
hellomedian.com/wp-content/themes/median/images/ 6 KB
6 KB 38ms
28ms Image
image/jpeg 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/josh.jpg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

da8fe41026589196d7f590fa86e673c756b9d0aa3623b2b2f59ee6f7c0d30a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5888
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-1700"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 8
accept-ranges: bytes
cf-ray: 4e8e3fd3de70bef1-FRA

GET
H2 200 img-3.svg
hellomedian.com/wp-content/themes/median/images/ 12 KB
4 KB 120ms
110ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/img-3.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d58d87864c67a3ac423c43706f41a837de3502b2a2483d8de3000e8bad3286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-30a0"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
cf-ray: 4e8e3fd3de73bef1-FRA

GET
H2 200 img-4.svg
hellomedian.com/wp-content/themes/median/images/ 9 KB
3 KB 131ms
122ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/img-4.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7cbb4cd536f5153632d0095b6da42714b5f411ae5cf92495dea049cbe86b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-2340"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 6
cf-ray: 4e8e3fd3de74bef1-FRA

GET
H2 200 img-5.svg
hellomedian.com/wp-content/themes/median/images/ 8 KB
3 KB 35ms
26ms Image
image/svg+xml 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/img-5.svg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a347dc4a866f9348d8d14922b14dd7ca2e545fdda2df03e537d522c8b28a9ffc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-2122"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
cf-ray: 4e8e3fd3de76bef1-FRA

GET
H2 200 women-img.jpg
hellomedian.com/wp-content/themes/median/images/ 5 KB
5 KB 117ms
108ms Image
image/jpeg 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/women-img.jpg

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5759950b9a478b2fa0605b3e9961d9fdcd1b80c8dc42786685b3f189eccd8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 5203
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-1453"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
accept-ranges: bytes
cf-ray: 4e8e3fd3de78bef1-FRA

GET
H2 200 email-decode.min.js Show response
hellomedian.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
818 B 15ms
14ms Script
application/javascript 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 10 Jun 2019 15:33:43 GMT
server: cloudflare
etag: W/"5cfe7857-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 4e8e3fd33d54bef1-FRA
vary: Accept-Encoding
expires: Thu, 20 Jun 2019 15:20:47 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
hellomedian.com/wp-content/themes/median/js/ 95 KB
32 KB 37ms
28ms Script
application/javascript 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/wp-content/themes/median/js/jquery-1.12.4.min.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-17b8e"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 4
cf-ray: 4e8e3fd3de79bef1-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 51 KB
19 KB 24ms
15ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHNB674

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e699b8fcc2a16555595b5f4c4339d36272dbeb820d8131af43b13663b4103637

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:47 GMT
content-encoding: br
last-modified: Mon, 17 Jun 2019 23:12:11 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 19560
x-xss-protection: 0
expires: Tue, 18 Jun 2019 15:20:47 GMT

GET
H2 200 yfz2ehmghtn5.js Show response
js.driftt.com/include/1560871500000/ 131 KB
44 KB 175ms
116ms Script
application/javascript 52.222.167.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1560871500000/yfz2ehmghtn5.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.167.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-167-29.fra54.r.cloudfront.net

Software

nginx /

Resource Hash

311e523ee985f42b6279b3ab3b4bc19d165b4dc11186c585cdbd38cfb204fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: gzip
x-amz-cf-pop: FRA54
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 616f617776e843142ab5d87231cb3526.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 19:18:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: js9YjP0P8FDJHHLTCb2hZFa-HyoxaZNF44MNxpb6w1sLrfLKnOpq2w==

GET
H2 200 check.png
hellomedian.com/wp-content/themes/median/images/ 505 B
606 B 26ms
13ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/check.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

270cf965b6e3d83c6e3ef5eb440d44c4c8acf27070bafbf55a7e147784a76840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/wp-content/themes/median/css/cobrowse/main.css?ver=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: MISS
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 505
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-1f9"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
accept-ranges: bytes
cf-ray: 4e8e3fd40ea2bef1-FRA

GET
H2 200 close.png
hellomedian.com/wp-content/themes/median/images/ 286 B
397 B 23ms
11ms Image
image/png 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hellomedian.com/wp-content/themes/median/images/close.png

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42a808f936f37801e360f1048c8f66b08d22ee2f034fa56ce2247497fe151eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/wp-content/themes/median/css/cobrowse/main.css?ver=2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 286
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: "5cd4a391-11e"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 5
accept-ranges: bytes
cf-ray: 4e8e3fd40ea4bef1-FRA

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Thu, 13 Jun 2019 23:21:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:39 GMT
server: sffe
age: 403156
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Fri, 12 Jun 2020 23:21:32 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 12ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Thu, 13 Jun 2019 22:35:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:10:29 GMT
server: sffe
age: 405944
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 12 Jun 2020 22:35:04 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Sat, 01 Jun 2019 00:14:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:06:19 GMT
server: sffe
age: 1523187
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13640
x-xss-protection: 0
expires: Sun, 31 May 2020 00:14:21 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Fri, 14 Jun 2019 03:32:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:06:27 GMT
server: sffe
age: 388112
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13516
x-xss-protection: 0
expires: Sat, 13 Jun 2020 03:32:16 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Sat, 01 Jun 2019 21:09:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:28 GMT
server: sffe
age: 1447897
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9016
x-xss-protection: 0
expires: Sun, 31 May 2020 21:09:11 GMT

GET
H2 200 icomoon.ttf
hellomedian.com/wp-content/themes/median/fonts/ 2 KB
1 KB 16ms
11ms Font
application/font-sfnt 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://hellomedian.com/wp-content/themes/median/fonts/icomoon.ttf?tmwp8a

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e006500831299030d4cd86c087ad594b8a9418cf3d06819d071df728623ffd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/wp-content/themes/median/css/cobrowse/main.css?ver=2
Origin: https://hellomedian.com

Response headers

x-fw-static: YES
date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-cacheable: YES
x-fw-server: Flywheel/4.1.0
x-cache: HIT
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-fw-type: VISIT
pragma: public
last-modified: Thu, 09 May 2019 22:02:57 GMT
server: cloudflare
etag: W/"5cd4a391-6c4"
x-fw-hash: znp7pndkta
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/font-sfnt
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: max-age=2592000, public
x-hits: 110
cf-ray: 4e8e3fd41ed7bef1-FRA

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
13 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Sat, 01 Jun 2019 21:12:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:06:12 GMT
server: sffe
age: 1447682
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Sun, 31 May 2020 21:12:46 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v13/ 13 KB
14 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v13/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Sat, 01 Jun 2019 12:20:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:05:58 GMT
server: sffe
age: 1479626
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Sun, 31 May 2020 12:20:22 GMT

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v16/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Fri, 14 Jun 2019 00:05:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:49 GMT
server: sffe
age: 400511
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 0
expires: Sat, 13 Jun 2020 00:05:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800%7cOpen+Sans:300,400,400i,600,700
Origin: https://hellomedian.com

Response headers

date: Thu, 13 Jun 2019 22:34:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:12:28 GMT
server: sffe
age: 405973
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Fri, 12 Jun 2020 22:34:35 GMT

GET
H2 200 widget.a65dbf6.js Show response
js-cdn.hellomedian.com/ 242 KB
76 KB 24ms
23ms Script
application/javascript 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.hellomedian.com/widget.a65dbf6.js
Requested by: Host: js-cdn.hellomedian.com
URL: https://js-cdn.hellomedian.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4388c88bee1bbcdb3bdb902d18e5a9ef3ded37057d3e4b04703bf9545ee88c9c

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 16:34:23 GMT
server: AmazonS3
x-amz-request-id: 651D4AC87366BA75
etag: "fa8800cb5aafcae6f7b1ee8600575660"
x-hw: 1560871248.cds046.lo4.hn,1560871248.cds036.lo4.c
content-type: application/javascript
status: 200
cache-control: public, max-age=2073600
x-amz-version-id: dkvo9dxGgD7Fqn1u8nMCh8Vnf8B0c2vY
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77816
x-amz-id-2: uACsAJZn0Zkg+vwa0eTg5p+yuZL10KUIC0pio48/WJ8o5M5mZ1vTfjfeIg1Tji2LeWURMBMgJNA=

GET
H2 200 widget.a65dbf6.css
js-cdn.hellomedian.com/ Frame 26D5 63 KB
7 KB 21ms
20ms Stylesheet
text/css 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://js-cdn.hellomedian.com/widget.a65dbf6.css
Requested by: Host: js-cdn.hellomedian.com
URL: https://js-cdn.hellomedian.com/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8481790eb25ac88693489c51ddfe83862d2cf31b07df2a7cf77dedfad563efd9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2019 16:34:21 GMT
server: AmazonS3
x-amz-request-id: 19BB3F08EBA8B884
etag: "294cd0b266bf4999583789b3fe13f494"
x-hw: 1560871248.cds046.lo4.hn,1560871248.cds090.lo4.c
content-type: text/css
status: 200
cache-control: public, max-age=2073600
x-amz-version-id: BYkbowHy7C4akf4zOsKmlSlqFGgcpBq_
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7156
x-amz-id-2: XUeV1i65IwCbdBIv3iNaUZN16zF1REtIFc4wzxVJ6KZfXA7WXpJz0HA9OwaZrW0VjZ93NaK9g1Y=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHNB674

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 2021
date: Tue, 18 Jun 2019 14:47:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Tue, 18 Jun 2019 16:47:07 GMT

GET
H2 200 fs.js Show response
fullstory.com/s/ 169 KB
61 KB 48ms
14ms Script
application/javascript 2001:4860:4802:32::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

844df103f949c01526afa428f1c3d24b767581f6ab544ab29b4ee94af3a33d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 190
etag: "RhHGqA"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: cf8c5dee8c41e6887492d84f3cf6a8dc
cache-control: public, max-age=600
date: Tue, 18 Jun 2019 15:17:38 GMT
access-control-allow-origin: *
content-length: 62177
expires: Tue, 18 Jun 2019 15:27:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 26D5 7 KB
746 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

8ee054df7771d01363eff93589b01ed200eb2350e27e0f619114cfded4e4f0d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 18 Jun 2019 15:20:48 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 18 Jun 2019 15:20:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 18 Jun 2019 15:20:48 GMT

GET
H2 200 popover.js Show response
fast.wistia.com/assets/external/ 121 KB
25 KB 9ms
8ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/popover.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

bc4aeb3e1ce75ca0a0a747cf2c59418e5dab60948b5a4d3740dfeb5abd383afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
age: 2100
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 25149
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1035-SEA, cache-fra19181-FRA
x-browser-version: 74
last-modified: Tue, 18 Jun 2019 13:42:16 GMT
x-timer: S1560871248.389131,VS0,VE0
etag: "5d08ea38-623d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 36

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
25 KB 8ms
7ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

b083b2bc462335ad3b61f7f79e3ac3ef34555ca69927a608a7e2ab9a20ffae76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
age: 2101
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 24788
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1044-SEA, cache-fra19181-FRA
x-browser-version: 74
last-modified: Tue, 18 Jun 2019 13:42:16 GMT
x-timer: S1560871248.389116,VS0,VE0
etag: "5d08ea38-60d4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 145

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1567097865&t=pageview&_s=1&dl=https%3A%2F%2Fhellomedian.com%2F&ul=en-us&de=UTF-8&dt=Median%20%7C%20Simple%20CoBrowsing%20for%20Support%20Team...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_gid=1990741638.1560871248&gjid=1654824339&_v=j76&z=988082486
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486&slf_rd=1&random=685176460

42 B
109 B

29ms
28ms

Image
image/gif

2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486&slf_rd=1&random=685176460

Requested by

Host: hellomedian.com
URL: https://hellomedian.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jun 2019 15:20:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-100896075-1&cid=792712044.1560871248&jid=1980694449&_v=j76&z=988082486&slf_rd=1&random=685176460
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 803 B
1003 B 427ms
396ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 3c94233aa8d5181de05bda9a11dd8c7062cdb9fb986189b631408d4b3fe1d24d

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 15:20:48 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hellomedian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 803
expires: 0

GET
H2 200 CzwfyU0.json Show response
cdn.hellomedian.com/api/v2/widget/organization/ 1 KB
1 KB 3495ms
3440ms Fetch
application/json 151.139.128.10
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hellomedian.com/api/v2/widget/organization/CzwfyU0.json

Requested by

Host: js-cdn.hellomedian.com
URL: https://js-cdn.hellomedian.com/widget.a65dbf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),

Reverse DNS

Software

Cowboy /

Resource Hash

ef776587439c2d45e60f6e1071bc4258226c8b0deb7e81d5a7afa479ece534ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/
Origin: https://hellomedian.com

Response headers

date: Tue, 18 Jun 2019 15:20:51 GMT
content-encoding: gzip
access-control-allow-origin: *
status: 200
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-length: 649
x-request-id: 6e2901a3-2131-4f5b-a3ac-55bbbe86c6ad
x-runtime: 2.929594
server: Cowboy
etag: W/"ef776587439c2d45e60f6e1071bc4258"
strict-transport-security: max-age=31536000; includeSubDomains
x-hw: 1560871248.cds058.lo4.hn,1560871248.cds057.lo4.sc,1560871251.cds057.lo4.pr
content-type: application/json; charset=utf-8
via: 1.1 vegur
access-control-expose-headers
cache-control: max-age=60, public, no-transform
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://hellomedian.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H/1.1 200
OK ac5a4ea1060b4cf8415742ca3b6d03b01638cd70.jpg
embedwistia-a.akamaihd.net/deliveries/ 163 KB
163 KB 253ms
171ms Image
image/jpeg 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/ac5a4ea1060b4cf8415742ca3b6d03b01638cd70.jpg?image_crop_resized=1920x1200
Requested by: Host: hellomedian.com
URL: https://hellomedian.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 2ba791ac2642de05130d9b8a58b2fcea437a8146b12fda0627aedb842eedb65c

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: qNN8W960Z8O_4gtqiIeej_Y2aPNe0dl5
Access-Control-Request-Method: *
x-amz-storage-class: STANDARD_IA
Content-Disposition: inline
Connection: keep-alive
Content-Length: 166595
X-Served-By: bakeryaws-breadroute-potbrood,bakeryaws-prime-javitz
Last-Modified: Tue, 05 Sep 2017 21:44:55 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Jun 2019 15:20:48 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=28622915
Accept-Ranges: bytes

GET
H2 200 wistiaLogo.js Show response
fast.wistia.com/assets/external/ 22 KB
4 KB 15ms
9ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistiaLogo.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6cba2d0a01237876de7cf8712531ca32494730e850d27ec4bf3e90abc273a35c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
age: 2100
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 4464
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1022-SEA, cache-fra19181-FRA
x-browser-version: 74
last-modified: Tue, 18 Jun 2019 13:42:16 GMT
x-timer: S1560871249.558261,VS0,VE0
etag: "5d08ea38-1170"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 13

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame B534 0
0 10ms
8ms Document
text/html 52.222.167.29
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1560871500000/yfz2ehmghtn5.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.167.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-167-29.fra54.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://hellomedian.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 884
server: nginx
last-modified: Mon, 17 Jun 2019 19:18:24 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 18 Jun 2019 15:20:48 GMT
etag: "b88d6327758f35b8e9b883f1910e5a57"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 616f617776e843142ab5d87231cb3526.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA54
x-amz-cf-id: UucIsP7flzRsz7nxko0RPMqNk2MiqKvWmgYsT27JS1iO99SpltGLUQ==

GET
H2 200 fs.js Show response
fullstory.com/s/ Frame 26D5 169 KB
61 KB 37ms
14ms Script
application/javascript 2001:4860:4802:32::15
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fullstory.com/s/fs.js

Requested by

Host: fullstory.com
URL: https://fullstory.com/s/fs.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

844df103f949c01526afa428f1c3d24b767581f6ab544ab29b4ee94af3a33d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://hellomedian.com

Response headers

strict-transport-security: max-age=63072000
content-encoding: gzip
server: Google Frontend
age: 443
etag: "RhHGqA"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-cloud-trace-context: c9b40efca4a51fd1a1a2e9368b6aa6f4
cache-control: public, max-age=600
date: Tue, 18 Jun 2019 15:13:25 GMT
access-control-allow-origin: *
content-length: 62177
expires: Tue, 18 Jun 2019 15:23:25 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
97 B 353ms
345ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=F96KF&UserId=4748030495096832&SessionId=5795386623721472&PageId=4708797738844160&Seq=1&PageStart=1560871248751&PrevBundleTime=0
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ec94f7b848945249a3ed7ac4a0afa4b0f2a8231fbd97fac71b6e4e338e81e077

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 15:20:49 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hellomedian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 285 KB
62 KB 7ms
6ms Script
application/javascript 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

128aeb5528199918bc48c34e8c85ce2dedf832587fd41e76e632b313b5866a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
content-encoding: br
age: 2102
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 63648
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1026-SEA, cache-fra19181-FRA
x-browser-version: 74
last-modified: Tue, 18 Jun 2019 13:42:16 GMT
x-timer: S1560871249.915617,VS0,VE0
etag: "5d08ea38-f8a0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 107

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 27ms
6ms Image
image/gif 2a04:4e42::622
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/
Origin: https://hellomedian.com

Response headers

date: Tue, 18 Jun 2019 15:20:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 5702
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 1214
x-served-by: cache-sea1033-SEA, cache-fra19179-FRA
x-browser-version: 74
last-modified: Mon, 17 Jun 2019 17:16:48 GMT
x-timer: S1560871249.986602,VS0,VE0
etag: "5d07cb00-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 420

GET
H/1.1 200
OK bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.bin Show response
embedwistia-a.akamaihd.net/deliveries/ 923 B
1 KB 121ms
60ms XHR
application/x-mpegurl 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.bin
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e75c670ce63ff9ae8d591abd63921828ccd198ed745f73760b1573e6be8425c9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/
Origin: https://hellomedian.com

Response headers

x-amz-version-id: G2.0KLvAINDykYvb6DV1z8bxKbnovBFd
Access-Control-Request-Method: *
Last-Modified: Tue, 05 Sep 2017 22:14:54 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Jun 2019 15:20:49 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=27343164
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 923
X-Served-By: bakeryaws-breadroute-potbrood,bakeryaws-prime-trask

OPTIONS
H/1.1 200
OK bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 0
0 25ms
25ms XHR
text/html 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://hellomedian.com
Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Range
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, HEAD, OPTIONS

GET
H/1.1 206
Partial Content bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 220 KB
221 KB 61ms
61ms XHR
video/mp2t 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/bb7bd17d91e7e57ce8eb3d07a3c1b51131a96fff.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: fc6b92adaa5955f4e71b507065371c3b1599650243fcc67163ecc8ca6479c7b1

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-225787

Response headers

x-amz-version-id: f6t7uAJIfcv752zwdWloptG7J1fT_w2m
Access-Control-Request-Method: *
x-amz-storage-class: STANDARD_IA
Connection: keep-alive
Content-Length: 225788
X-Served-By: bakeryaws-breadroute-sangak,bakeryaws-prime-exodus
Content-Range: bytes 0-225787/1652144
Last-Modified: Tue, 05 Sep 2017 22:14:55 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Jun 2019 15:20:49 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=27343007
Accept-Ranges: bytes

POST
H2 204 x Show response
distillery.wistia.com/ 0
95 B 544ms
177ms XHR
text/plain 52.40.58.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.58.131 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-40-58-131.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 18 Jun 2019 15:20:49 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: *

GET
H/1.1 200
OK e742d6cca99a9c16a897ebf813e32896c549838e.bin Show response
embedwistia-a.akamaihd.net/deliveries/ 925 B
1 KB 49ms
49ms XHR
application/x-mpegurl 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e742d6cca99a9c16a897ebf813e32896c549838e.bin
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: a3a7840681ac66177a087e85b31daa9028a181d8d942f8f224fe8511ecc6a4fa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/
Origin: https://hellomedian.com

Response headers

x-amz-version-id: 7Y5Z7oXAAoS7QKCUptNLJKgJeBwzSfhq
Access-Control-Request-Method: *
Last-Modified: Tue, 05 Sep 2017 22:15:02 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Jun 2019 15:20:49 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=27343124
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 925
X-Served-By: bakeryaws-breadroute-teacake,bakeryaws-prime-harpoon

OPTIONS
H/1.1 200
OK e742d6cca99a9c16a897ebf813e32896c549838e.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 0
0 25ms
25ms XHR
text/html 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e742d6cca99a9c16a897ebf813e32896c549838e.ts
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://hellomedian.com
Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Range
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, HEAD, OPTIONS

GET
H/1.1 206
Partial Content e742d6cca99a9c16a897ebf813e32896c549838e.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 297 KB
298 KB 64ms
63ms XHR
video/mp2t 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/e742d6cca99a9c16a897ebf813e32896c549838e.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: ad2e07649b7360ded71d82b6a5e551201688e3d65f9e35b0456d8e9894ae9da4

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-304559

Response headers

x-amz-version-id: D7ZuVrx.dnPHLyxA4sNJz3dPmoxx42I6
Access-Control-Request-Method: *
x-amz-storage-class: STANDARD_IA
Connection: keep-alive
Content-Length: 304560
X-Served-By: bakeryaws-breadroute-potbrood,bakeryaws-prime-trask
Content-Range: bytes 0-304559/2350564
Last-Modified: Tue, 05 Sep 2017 22:15:02 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Jun 2019 15:20:49 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=27343119
Accept-Ranges: bytes

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
206 B 551ms
179ms XHR
text/html 52.89.139.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://pipedream.wistia.com/mput?topic=metrics

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.139.175 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-89-139-175.us-west-2.compute.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 18 Jun 2019 15:20:50 GMT
x-content-type-options: nosniff
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: *
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 CzwfyU0.json Show response
app.hellomedian.com/api/v2/widget/location_rules/ 24 B
585 B 567ms
487ms Fetch
application/json 2606:4700:30::681c:1c2
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hellomedian.com/api/v2/widget/location_rules/CzwfyU0.json

Requested by

Host: js-cdn.hellomedian.com
URL: https://js-cdn.hellomedian.com/widget.a65dbf6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1c2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ed042e3f03ef7cfdb2ad352ad946830253a06342c232d097412f71e9b05491b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://hellomedian.com/
Origin: https://hellomedian.com

Response headers

date: Tue, 18 Jun 2019 15:20:52 GMT
via: 1.1 vegur
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
vary: Accept-Encoding, Origin
x-request-id: e04ef896-9a09-4032-a045-22ac4bc1a385
x-runtime: 0.067373
server: cloudflare
etag: W/"6ed042e3f03ef7cfdb2ad352ad946830"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=3600, public
cf-ray: 4e8e3fed3cfad6f1-FRA

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v16/ Frame 26D5 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v16/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Origin: https://hellomedian.com

Response headers

date: Thu, 13 Jun 2019 23:21:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:11:39 GMT
server: sffe
age: 403160
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Fri, 12 Jun 2020 23:21:32 GMT

POST
H2 200 bundle Show response
rs.fullstory.com/rec/ 29 B
94 B 121ms
121ms XHR
application/json 35.186.194.58
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=F96KF&UserId=4748030495096832&SessionId=5795386623721472&PageId=4708797738844160&Seq=2&PageStart=1560871248751&PrevBundleTime=1560871249069
Requested by: Host: fullstory.com
URL: https://fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.186.194.58 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ba2140b3747801770ef9ccae8d0ddf33f31493691143988d96fb46b377448217

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jun 2019 15:20:53 GMT
via: 1.1 google
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hellomedian.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 29
expires: 0

OPTIONS
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
247 B 488ms
95ms XHR
text/plain 34.236.200.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/wistia-mux.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.200.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-200-201.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://hellomedian.com
Referer: https://hellomedian.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Jun 2019 15:20:54 GMT
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 43 B
349 B 95ms
95ms XHR
image/gif 34.236.200.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.236.200.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-236-200-201.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://hellomedian.com/
Origin: https://hellomedian.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 18 Jun 2019 15:20:54 GMT
Access-Control-Allow-Methods: POST, GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hellomedian.com/	1969-12-31 23:59:59	Name: loglevel Value: WARN
.hellomedian.com/	1970-01-22 17:10:31	Name: mdn_anonymous_id Value: 20ab0984-e0fd-56a5-ad1c-19431a98ca58
hellomedian.com/	1970-01-19 10:20:07	Name: __distillery Value: 0761bd8_3fb1017c-47e0-40c2-9598-228366975737-216620eda-185b8a9a96ae-0e36
hellomedian.com/	1970-01-19 19:07:09	Name: driftt_aid Value: b142a1a3-cbc4-4492-963c-ef0fd3e4aaf3
.hellomedian.com/	1970-01-19 01:34:31	Name: _gat_UA-100896075-1 Value: 1
.hellomedian.com/	1970-01-19 19:05:43	Name: _ga Value: GA1.2.792712044.1560871248
.hellomedian.com/	1970-01-19 01:35:57	Name: _gid Value: GA1.2.1990741638.1560871248
.hellomedian.com/	1970-01-19 10:20:07	Name: __cfduid Value: d90c4cad43b911a10282acaf7d67dcf811560871247

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.hellomedian.com
cdn.hellomedian.com
distillery.wistia.com
embedwistia-a.akamaihd.net
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
fonts.gstatic.com
fullstory.com
hellomedian.com
js-cdn.hellomedian.com
js.driftt.com
pipedream.wistia.com
rs.fullstory.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
151.139.128.10
2.16.186.18
2001:4860:4802:32::15
2606:4700:30::681c:1c2
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:816::2008
2a00:1450:4001:817::200e
2a00:1450:4001:819::2003
2a00:1450:400c:c06::9c
2a04:4e42::622
34.236.200.201
35.186.194.58
52.222.167.29
52.40.58.131
52.89.139.175
06a49f04f5c6120ccd16f21df59727ff4d864fb082ebc7bc71105e0ef1e94601
0a6f90992713e28094e29c2b86c652a18a4602405c512ed6562c35b4e6bbd3c1
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
128aeb5528199918bc48c34e8c85ce2dedf832587fd41e76e632b313b5866a88
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
270cf965b6e3d83c6e3ef5eb440d44c4c8acf27070bafbf55a7e147784a76840
2ba791ac2642de05130d9b8a58b2fcea437a8146b12fda0627aedb842eedb65c
311e523ee985f42b6279b3ab3b4bc19d165b4dc11186c585cdbd38cfb204fba3
313b83415da115c777461cb15fa8c53355acb8bcb8d125782e830e3e09d0c42b
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
3c94233aa8d5181de05bda9a11dd8c7062cdb9fb986189b631408d4b3fe1d24d
3e006500831299030d4cd86c087ad594b8a9418cf3d06819d071df728623ffd3
4388c88bee1bbcdb3bdb902d18e5a9ef3ded37057d3e4b04703bf9545ee88c9c
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
623d9baef9d857e510a06ad3d51a9d62982693bac2a0248c8e6c3454f9df07ba
6cba2d0a01237876de7cf8712531ca32494730e850d27ec4bf3e90abc273a35c
6d74b9a096ba310863ffc48620c92df5848a339985fb436f98978eb09884754f
6ed042e3f03ef7cfdb2ad352ad946830253a06342c232d097412f71e9b05491b
786884cfe52acb7b674157bf151c7ce478b5cf2c182dbf4201cd098b2d6b6d90
7ea9eb275ad382a9113cfdf035dbfb631a0053df892493e891c8b5d185d09c3d
844df103f949c01526afa428f1c3d24b767581f6ab544ab29b4ee94af3a33d88
8481790eb25ac88693489c51ddfe83862d2cf31b07df2a7cf77dedfad563efd9
8ea82fde0e01eeca282937e9e793f2b57d06389357b625a8a7b1d8dcf18e9b53
8ee054df7771d01363eff93589b01ed200eb2350e27e0f619114cfded4e4f0d5
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a347dc4a866f9348d8d14922b14dd7ca2e545fdda2df03e537d522c8b28a9ffc
a3a7840681ac66177a087e85b31daa9028a181d8d942f8f224fe8511ecc6a4fa
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8d58d87864c67a3ac423c43706f41a837de3502b2a2483d8de3000e8bad3286
ad2e07649b7360ded71d82b6a5e551201688e3d65f9e35b0456d8e9894ae9da4
b083b2bc462335ad3b61f7f79e3ac3ef34555ca69927a608a7e2ab9a20ffae76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42a808f936f37801e360f1048c8f66b08d22ee2f034fa56ce2247497fe151eb
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b97d204c8ca0067df33c7f32190ff8277e5f1257a1c0369f55966283afa3d24f
ba2140b3747801770ef9ccae8d0ddf33f31493691143988d96fb46b377448217
bc4aeb3e1ce75ca0a0a747cf2c59418e5dab60948b5a4d3740dfeb5abd383afa
c50f61ad5c2e6b7a6697615a462a60fdfbdd14ac9f43d1cb43ec467af71a206e
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
d12183924739a0c3a90d68d21aaa347e62a901671d5a836455935dda54bf0caf
d19b10836b3ef27431bea4f069ed0999767bb49868fd333570155485f66ec883
d7a2352a265e92c77f07367a5c2ae71c8340edbe72af0d074478fe4969bd66a5
d971cf1b65037409f71e8e9c39282b9b4ebcb2308e89a852a40a9cc259fd1a9d
da8fe41026589196d7f590fa86e673c756b9d0aa3623b2b2f59ee6f7c0d30a43
da9cbbd446b457b359ff99c81731ea9d46681b4ad5b78cda282c02a59743f4db
dc09bc8df5aae48f38b9524b49290ace7040ba5d71ef45caf5d5d0eeff6cf332
e36499f4f33fc3d2bb394e748fd404df64fd5d7898e0b7ce3b6cb22abb354ad5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52f0d1413c6186b24922307e6fa1c3a5197993fc3239a1f7ac5dfbf78ead492
e5759950b9a478b2fa0605b3e9961d9fdcd1b80c8dc42786685b3f189eccd8b3
e699b8fcc2a16555595b5f4c4339d36272dbeb820d8131af43b13663b4103637
e75c670ce63ff9ae8d591abd63921828ccd198ed745f73760b1573e6be8425c9
ec94f7b848945249a3ed7ac4a0afa4b0f2a8231fbd97fac71b6e4e338e81e077
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef776587439c2d45e60f6e1071bc4258226c8b0deb7e81d5a7afa479ece534ab
fc6b92adaa5955f4e71b507065371c3b1599650243fcc67163ecc8ca6479c7b1
ff7cbb4cd536f5153632d0095b6da42714b5f411ae5cf92495dea049cbe86b79
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

hellomedian.com Open in urlscan Pro 2606:4700:30::681c:1c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

68 Requests

100 %HTTPS

59 %IPv6

13 Domains

19 Subdomains

16 IPs

4 Countries

1572 kBTransfer

3256 kBSize

8 Cookies

10 Outgoing links

Page URL History

Redirected requests

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hellomedian.com Open in urlscan Pro
2606:4700:30::681c:1c2 Public Scan

Screenshot
Live screenshot

Full Image

68
Requests

100 %
HTTPS

59 %
IPv6

13
Domains

19
Subdomains

16
IPs

4
Countries

1572 kB
Transfer

3256 kB
Size

8
Cookies

68 HTTP transactions
3 data transactions