www.medfusion.com Open in urlscan Pro
104.155.133.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.medfusion.net/
Effective URL:
https://www.medfusion.com/
Submission: On December 15 via api (December 15th 2021, 6:09:48 pm UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 19 domains to perform 58 HTTP transactions. The main IP is 104.155.133.44, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.medfusion.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on January 30th 2020. Valid for: 2 years.

This is the only time www.medfusion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.74.47.131 208.74.47.131	13649 (ASN-VINS) (ASN-VINS)
2 19	104.155.133.44 104.155.133.44	15169 (GOOGLE) (GOOGLE)
2	207.189.124.55 207.189.124.55	13649 (ASN-VINS) (ASN-VINS)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
5	52.21.178.134 52.21.178.134	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.245.144.60 199.245.144.60	54577 (NEXTGENHE...) (NEXTGENHEALTH)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
1	40.71.199.117 40.71.199.117	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	22

1 208.74.47.131 (United States) 1 redirects

ASN13649 (ASN-VINS, US)
PTR: ip3-131.medfusion.net

www.medfusion.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.155.133.44 (Council Bluffs, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 44.133.155.104.bc.googleusercontent.com

medfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.medfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.55 (United States)

ASN13649 (ASN-VINS, US)
PTR: forpci55.actonsoftware.com

marketing.medfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.21.178.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-2-ue1.aws.pardot.com

ng.nextgen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.245.144.60 (United States)

ASN54577 (NEXTGENHEALTH, US)

bridge.nextgen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

jamesallardice.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.199.117 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.nextgen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	medfusion.com 2 redirects medfusion.com www.medfusion.com marketing.medfusion.com	1 MB
6	nextgen.com ng.nextgen.com bridge.nextgen.com www.nextgen.com	207 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	google.com 1 redirects www.google.com	151 B
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	77 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	103 KB
3	google.de www.google.de	675 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	3 KB
3	googleadservices.com www.googleadservices.com	33 KB
2	pardot.com pi.pardot.com	4 KB
2	facebook.com www.facebook.com	313 B
2	gstatic.com fonts.gstatic.com	62 KB
2	facebook.net connect.facebook.net	113 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	github.io jamesallardice.github.io	3 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	medfusion.net 1 redirects www.medfusion.net	2 KB
58	19

	Domain	Requested by
18	www.medfusion.com	1 redirects www.medfusion.com
4	www.google.com	1 redirects www.medfusion.com
3	maxcdn.bootstrapcdn.com	ng.nextgen.com maxcdn.bootstrapcdn.com
3	www.google.de	www.medfusion.com
3	ng.nextgen.com	www.medfusion.com ng.nextgen.com pi.pardot.com
3	ajax.googleapis.com	www.medfusion.com ng.nextgen.com
3	www.googleadservices.com	www.medfusion.com www.googleadservices.com www.googletagmanager.com
2	pi.pardot.com	ng.nextgen.com pi.pardot.com
2	bridge.nextgen.com	ng.nextgen.com bridge.nextgen.com
2	www.facebook.com	www.medfusion.com
2	fonts.gstatic.com	fonts.googleapis.com
2	px.ads.linkedin.com	2 redirects
2	connect.facebook.net	www.medfusion.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	marketing.medfusion.com	www.medfusion.com
1	www.nextgen.com	ng.nextgen.com
1	jamesallardice.github.io	ng.nextgen.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.medfusion.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	ajax.googleapis.com
1	www.googletagmanager.com	www.medfusion.com
1	cdnjs.cloudflare.com	www.medfusion.com
1	medfusion.com	1 redirects
1	www.medfusion.net	1 redirects
58	27

This site contains links to these domains. Also see Links.

Domain
www.nextgen.com
twitter.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
www.medfusion.com Sectigo RSA Extended Validation Secure Server CA	`2020-01-30` - `2022-01-29`	2 years	crt.sh
marketing.medfusion.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
ng.nextgen.com R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-24` - `2021-12-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.nextgen.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2022-06-16`	2 years	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.medfusion.com/
Frame ID: D041B7C1BBB9B590A2DD37821AA2409A
Requests: 43 HTTP requests in this frame

Frame: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Frame ID: 3607B66A7EC1B24F6629629CA1ECA019
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BCAB724B522E3CFDDD57D6246C30E7B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Patient Experience Portal, Scheduling, Payment Solutions - Medfusion

Page URL History Show full URLs

http://www.medfusion.net/ HTTP 301
http://medfusion.com/ HTTP 301
http://www.medfusion.com/ HTTP 301
https://www.medfusion.com/ Page URL

Page Statistics

58
Requests

97 %
HTTPS

67 %
IPv6

19
Domains

27
Subdomains

22
IPs

4
Countries

1824 kB
Transfer

4200 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nextgen.com/how-we-help/patient-engagement
Title: Learn more

Search URL Search Domain Scan URL

URL: https://twitter.com/medfusion

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/medfusion-inc-

Search URL Search Domain Scan URL

URL: https://www.facebook.com/medfusioninc/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.medfusion.net/ HTTP 301
http://medfusion.com/ HTTP 301
http://www.medfusion.com/ HTTP 301
https://www.medfusion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=XS-6YZiuK8_I1gaH-ZWwBQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XS-6YZiuK8_I1gaH-ZWwBQ&random=3796161454&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XS-6YZiuK8_I1gaH-ZWwBQ&random=3796161454&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 27

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D24601%26time%3D1639591773806%26url%3Dhttps%253A%252F%252Fwww.medfusion.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true&e_ipv6=AQJLvFjNT67okwAAAX2_SQhTbWeRyjofh9synYboL-6QBNkybZnbKG71pxB4PiATopHG3qIh

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.medfusion.com/
Redirect Chain

http://www.medfusion.net/
http://medfusion.com/
http://www.medfusion.com/
https://www.medfusion.com/

53 KB
14 KB

610ms
224ms

Document
text/html

104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: e749ef69ed1ea109f7ddf44b3d310eab039cb4fa113d9a2ed8cbfaa75c9e3b56

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 15 Dec 2021 18:09:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
p3p: CP="ALL DSP NID CURa ADMa DEVa HISa OTPa OUR NOR NAV DEM"
x-pingback: https://www.medfusion.com/xmlrpc.php
link: <https://www.medfusion.com/wp-json/>; rel="https://api.w.org/" <https://www.medfusion.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://www.medfusion.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 19
x-cache-group: normal
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 15 Dec 2021 18:09:32 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.medfusion.com/

GET
H/1.1 200 form.js Show response
marketing.medfusion.com/acton/form/9313/018c/ 44 KB
14 KB 928ms
170ms Script
text/javascript 207.189.124.55
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketing.medfusion.com/acton/form/9313/018c/form.js

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.55 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci55.actonsoftware.com

Software

Resource Hash

6ee51186e79b085ac3ee37326f6ddb3620cecb46169de9dcc549b828295dbc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=16070400
Keep-Alive: timeout=10
Content-Length: 13810

GET
H2 200 autoptimize_bc09827688352f7b3d712e8102e69b85.css
www.medfusion.com/wp-content/cache/autoptimize/css/ 864 KB
102 KB 165ms
164ms Stylesheet
text/css 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medfusion.com/wp-content/cache/autoptimize/css/autoptimize_bc09827688352f7b3d712e8102e69b85.css
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3cf19b89805b438f0766952814e0ddb22b78e85c4379747f6e4dc2defe5de53b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: br
last-modified: Tue, 27 Apr 2021 10:12:40 GMT
server: nginx
etag: W/"6087e398-d800f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ 2 KB
2 KB 33ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 513626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 747
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-9e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhm9EipSQ2UTFNUqlC1472lt6YA6%2BbFhxWtkqIHaPq%2FVqrGNvzZZjACLiDLbZs3eqMG5%2BU1vEDWvlmz1Dt8uLGaPqzRs0zBALjnQJwEDaX9Lps5QU5AKdIpHzcvSWSQZ0mu4SfDzOD%2BiFPXIEr5DDuXp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6be19fa8cadf4e44-FRA
expires: Mon, 05 Dec 2022 18:09:33 GMT

GET
H2 200 medfusion-logo.png
www.medfusion.com/wp-content/themes/twentysixteen-child/images/ 17 KB
17 KB 126ms
125ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/themes/twentysixteen-child/images/medfusion-logo.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ae4e086a771015a918c834be4d0866332df8aab14aa86fd7b0ddcf0d4dd0573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Wed, 19 Dec 2018 22:13:56 GMT
server: nginx
etag: "5c1ac2a4-4398"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17304

GET
H2 200 transparent.png
www.medfusion.com/wp-content/plugins/revslider/admin/assets/images/ 71 B
271 B 126ms
125ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/plugins/revslider/admin/assets/images/transparent.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Fri, 26 May 2017 19:54:02 GMT
server: nginx
etag: "592887da-47"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 71

GET
H2 200 CO_031620_MedFusion-Hero_1200x280-2.jpg
www.medfusion.com/wp-content/uploads/2020/03/ 46 KB
47 KB 137ms
136ms Image
image/jpeg 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2020/03/CO_031620_MedFusion-Hero_1200x280-2.jpg
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 76f5ba4ed6629dc332d7c97ed67d20330dfe18abe961c0b3d186ad945f471fe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Tue, 17 Mar 2020 19:43:57 GMT
server: nginx
etag: "5e71287d-b925"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 47397

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 147ms
60ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17610
x-xss-protection: 0
server: cafe
etag: 5620577396173936331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 18:09:33 GMT

GET
H2 200 autoptimize_126d2105cd7541347916a8feef2a8e02.js Show response
www.medfusion.com/wp-content/cache/autoptimize/js/ 785 KB
229 KB 161ms
160ms Script
application/javascript 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medfusion.com/wp-content/cache/autoptimize/js/autoptimize_126d2105cd7541347916a8feef2a8e02.js
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5d98d71ea97846e0d6f2ea3227c9ff0aa272b6098ce4413275517b29f459eadb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: br
last-modified: Wed, 18 Aug 2021 08:53:23 GMT
server: nginx
etag: W/"611cca83-c45cd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ 13 KB
14 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:21:46 GMT
x-content-type-options: nosniff
age: 100067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13313
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Dec 2022 14:21:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
62 KB 144ms
57ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W4M3CQ

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d2524e50c10ec8af4fbb9d41f5ad68cdc0fef004ca17d460b4ecbdc5c92e085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62642
x-xss-protection: 0
expires: Wed, 15 Dec 2021 18:09:33 GMT

GET
H/1.0 200
OK z1jbn Show response
ng.nextgen.com/l/488571/2020-05-19/ Frame 3607 21 KB
6 KB 727ms
376ms Document
text/html 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 31a353287531f1295fd6765468f8c66db9bfcccfed0f0da1cbcb20096758aaf2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/

Response headers

Date: Wed, 15 Dec 2021 18:09:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Pardot-Rsp: 16/110/85
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5513
Content-Type: text/html; charset=utf-8
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
Server: PardotServer
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Connection: keep-alive

GET
H2 200 mom-and-daughter-on-couch.jpg
www.medfusion.com/wp-content/uploads/2015/05/ 78 KB
78 KB 132ms
132ms Image
image/jpeg 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2015/05/mom-and-daughter-on-couch.jpg?id=4048
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 52a4b0ca24e4841a7abce294011e2ec64d9b20b8a4f3cea1dc1cf4a595923325

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Fri, 26 May 2017 19:54:12 GMT
server: nginx
etag: "592887e4-1388b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 80011

GET
H2 200 fa.woff2
www.medfusion.com/wp-content/plugins/mpc-massive/assets/fonts/fa/ 75 KB
76 KB 132ms
131ms Font
font/woff2 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medfusion.com/wp-content/plugins/mpc-massive/assets/fonts/fa/fa.woff2?v=4.7.0
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/wp-content/cache/autoptimize/css/autoptimize_bc09827688352f7b3d712e8102e69b85.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.medfusion.com/wp-content/cache/autoptimize/css/autoptimize_bc09827688352f7b3d712e8102e69b85.css
Origin: https://www.medfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Tue, 21 Nov 2017 13:58:32 GMT
server: nginx
etag: "5a143108-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 medfusion-logo.png
www.medfusion.com/wp-content/uploads/2017/05/ 17 KB
17 KB 173ms
172ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2017/05/medfusion-logo.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ae4e086a771015a918c834be4d0866332df8aab14aa86fd7b0ddcf0d4dd0573

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Tue, 18 Dec 2018 22:14:59 GMT
server: nginx
etag: "5c197163-4398"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17304

GET
H2 200 PCI-compliance-BW.png
www.medfusion.com/wp-content/uploads/2015/05/ 5 KB
5 KB 173ms
172ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2015/05/PCI-compliance-BW.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f4ee99f7b452c67121f363061e636e40d2167ff7ca68e988f3e4e05ae69f27b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Mon, 19 Mar 2018 20:50:54 GMT
server: nginx
etag: "5ab022ae-144a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 5194

GET
H2 200 Medfusion-HITRUST-footer-e1560265233967.png
www.medfusion.com/wp-content/uploads/2019/06/ 8 KB
8 KB 173ms
172ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2019/06/Medfusion-HITRUST-footer-e1560265233967.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: f16b1e59166e6649b1462f4b294c91d2199bb537663b242f52d09695f0cc4b8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Tue, 11 Jun 2019 15:00:33 GMT
server: nginx
etag: "5cffc211-1f32"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 7986

GET
H2 200 ONC_Certification_HIT_BW_web-300x90.png
www.medfusion.com/wp-content/uploads/2015/05/ 8 KB
8 KB 230ms
229ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2015/05/ONC_Certification_HIT_BW_web-300x90.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 29149706281cb9647d58131768e4287cef554ca4795f1ec97ab53407323f968f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Thu, 30 Nov 2017 21:46:15 GMT
server: nginx
etag: "5a207c27-1fc0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 8128

GET
H2 200 HIPAA-square-logo-web-lighter.png
www.medfusion.com/wp-content/uploads/2015/05/ 2 KB
2 KB 230ms
230ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2015/05/HIPAA-square-logo-web-lighter.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 818d7e4632bf0259e0acb3488ebf24b7fe30e16554aef7514890a1f6d3956500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
last-modified: Mon, 19 Mar 2018 20:54:18 GMT
server: nginx
etag: "5ab0237a-7f5"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2037

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 131ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e04b5384e74186cfdd9454dbb35734d57ee8b3977a5a5aa23990bb427a15e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 16:56:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 18:09:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 18:09:33 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1011103654/ 2 KB
1 KB 50ms
49ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1011103654/?random=1639591773689&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c9a3036d260aa3922a0a9ee5b82bcabc0af9a48e37d5fbae62a3b8e4517a99de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1157
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/privacysandbox/conversion/1011103654/ 0
0 132ms
49ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/1011103654/?random=1639591773689&cv=9&fst=1639591773689&num=1&fmt=3&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 404
/offsite/notFound.jsp 9313
marketing.medfusion.com/cdnr/55/acton/bn/tracker/ 0
0 471ms
170ms Script
text/plain 207.189.124.55
ASN-VINS

General

Check archive.org

Show headers Download Go to

Full URL

https://marketing.medfusion.com/cdnr/55/acton/bn/tracker/9313

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.55 , United States, ASN13649 (ASN-VINS, US),

Reverse DNS

forpci55.actonsoftware.com

Software

Apache-Coyote/1.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:33 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
Content-Length: 0
Strict-Transport-Security: max-age=16070400
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H3

200

/
www.google.de/pagead/1p-conversion/1011103654/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&e...
https://www.google.com/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200...
https://www.google.de/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&...

42 B
64 B

109ms
59ms

Image
image/gif

2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XS-6YZiuK8_I1gaH-ZWwBQ&random=3796161454&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1011103654/?random=1750066594&cv=9&fst=1639591773689&num=1&label=NlLJCJfNj2YQpu-Q4gM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XS-6YZiuK8_I1gaH-ZWwBQ&random=3796161454&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4M3CQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4107
date: Wed, 15 Dec 2021 17:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 19:01:06 GMT

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 57ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4M3CQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 18:09:33 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 27ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4M3CQ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45133
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 48ms
16ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: xgGBxU5uy+wapBre/7TZQDg0CiAtJVABi4N1dsnBuTK682Ftg7cLaCEFZHGnnRMqaMByR63w9QhT2qLBNsm5zw==
x-fb-trip-id: 1709462857
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 15 Dec 2021 18:09:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D24601%26time%3D1639591773806%26url%3Dhttps%253A%252F%252Fwww.medfusion.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true&e_ipv6=AQJLvFjNT67okwAAAX2_SQhTbWeRyjofh9synYboL-6QBNkybZnbKG71pxB4Pi...

0
156 B

312ms
116ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true&e_ipv6=AQJLvFjNT67okwAAAX2_SQhTbWeRyjofh9synYboL-6QBNkybZnbKG71pxB4PiATopHG3qIh
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: VdZdNQgAwRYQyU4NryoAAA==

Redirect headers

date: Wed, 15 Dec 2021 18:09:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C9380041C8154394BD1ABCD62C135E45 Ref B: VIEEDGE1118 Ref C: 2021-12-15T18:09:34Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=24601&time=1639591773806&url=https%3A%2F%2Fwww.medfusion.com%2F&liSync=true&e_ipv6=AQJLvFjNT67okwAAAX2_SQhTbWeRyjofh9synYboL-6QBNkybZnbKG71pxB4PiATopHG3qIh
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTMzVISqjH/5rm3M7jVw==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 124ms
36ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 447451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:52:02 GMT

GET
H2 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v27/ 17 KB
17 KB 176ms
89ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medfusion.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 14:26:25 GMT
x-content-type-options: nosniff
age: 99788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17768
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 14:26:25 GMT

GET
H3 200 131991600904278 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 158ms
141ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/131991600904278?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e4a3b3071a743481ff2dfd21a9b910b938e4e235d6917181aeeb64a840e9866

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: EFVCpRysCq2t8b+fdElXrwiJn4/kmKei6sAYPWeix028WA53+zRkAwFToRpFvUorBji2kBzCs3IHbtNY5nL7AQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 15 Dec 2021 18:09:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011103654/ 2 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011103654/?random=1639591773860&cv=9&fst=1639591773860&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90eecf919ea77eba8308874e7a9509c24b1f1606a5930b760509a89661a5dfbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 93ms
46ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=165830371&t=pageview&_s=1&dl=https%3A%2F%2Fwww.medfusion.com%2F&ul=en-us&de=UTF-8&dt=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1133693304&gjid=1675806802&cid=14653697.1639591774&tid=UA-51792752-1&_gid=2019098283.1639591774&_r=1&gtm=2wgc10W4M3CQ&z=1966564247

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medfusion.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.medfusion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1011103654/ 42 B
64 B 61ms
51ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011103654/?random=1639591773860&cv=9&fst=1639591200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&async=1&fmt=3&is_vtc=1&random=1767002676&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1011103654/ 42 B
548 B 139ms
51ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011103654/?random=1639591773860&cv=9&fst=1639591200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.medfusion.com%2F&tiba=Patient%20Experience%20Portal%2C%20Scheduling%2C%20Payment%20Solutions%20-%20Medfusion&async=1&fmt=3&is_vtc=1&random=1767002676&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 admin-ajax.php Show response
www.medfusion.com/wp-admin/ 3 KB
2 KB 244ms
244ms XHR
application/json 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.medfusion.com/wp-admin/admin-ajax.php?id=&post_id=0&slug=home&canonical_url=https%3A%2F%2Fwww.medfusion.com%2F&posts_per_page=3&page=0&offset=0&post_type=post,resources&repeater=default&seo_start_page=1&theme_repeater=flex.php&preloaded=false&preloaded_amount=0&sticky_posts=true&order=DESC&orderby=date&action=alm_get_posts&query_type=standard

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/wp-content/cache/autoptimize/js/autoptimize_126d2105cd7541347916a8feef2a8e02.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

44.133.155.104.bc.googleusercontent.com

Software

nginx / WP Engine

Resource Hash

075421c5bb5ce7cf414683fa0a54d1652136d3f6f743f000ecb0afb7afd71f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.medfusion.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-cacheable: NO:Passed
server: nginx
x-powered-by: WP Engine
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=0, must-revalidate, private
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
x-pass-why: wp-admin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51792752-1&cid=14653697.1639591774&jid=1133693304&gjid=1675806802&_gid=2019098283.1639591774&_u=YEBAAEAAAAAAAC~&z=137353809

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medfusion.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 15 Dec 2021 18:09:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.medfusion.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 45ms
14ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=131991600904278&ev=PageView&dl=https%3A%2F%2Fwww.medfusion.com%2F&rl=&if=false&ts=1639591774109&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1639591774108.421994266&it=1639591773856&coo=false&rqm=GET

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 15 Dec 2021 18:09:34 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51792752-1&cid=14653697.1639591774&jid=1133693304&_u=YEBAAEAAAAAAAC~&z=3642584

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 77ms
76ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51792752-1&cid=14653697.1639591774&jid=1133693304&_u=YEBAAEAAAAAAAC~&z=3642584

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 18:09:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PE_040620_TelehealthDemo_1200x628_B3.jpg
www.medfusion.com/wp-content/uploads/2020/04/ 343 KB
343 KB 117ms
116ms Image
image/jpeg 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2020/04/PE_040620_TelehealthDemo_1200x628_B3.jpg
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3b0599010f93b79b60fa528f2129bea1fb4ebe1a764943918e91466f26fe7ade

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
last-modified: Wed, 08 Apr 2020 18:38:59 GMT
server: nginx
etag: "5e8e1a43-55b4b"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 351051

GET
H2 200 telehealth-3.png
www.medfusion.com/wp-content/uploads/2020/03/ 147 KB
148 KB 127ms
126ms Image
image/png 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2020/03/telehealth-3.png
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: c832d42c5c9055eeee60df459d1aa240fab4c46b4e38322f70889fda61e5532a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
last-modified: Mon, 23 Mar 2020 14:10:41 GMT
server: nginx
etag: "5e78c361-24cb2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 150706

GET
H2 200 CO_031620_MedFusion-Hero_1200x280-e1584465014392.jpg
www.medfusion.com/wp-content/uploads/2020/03/ 25 KB
25 KB 230ms
230ms Image
image/jpeg 104.155.133.44
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.medfusion.com/wp-content/uploads/2020/03/CO_031620_MedFusion-Hero_1200x280-e1584465014392.jpg
Requested by: Host: www.medfusion.com
URL: https://www.medfusion.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.155.133.44 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 44.133.155.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 32faaa77f57ba5cfaab4b32a541d077bd40b7f9a0d2a770f4bd749a1167d9680

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
last-modified: Tue, 17 Mar 2020 17:10:14 GMT
server: nginx
etag: "5e710476-6214"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25108

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame 3607 118 KB
20 KB 44ms
26ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 9822992
cdn-cachedat: 2021-06-08 21:21:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 203451c6c050184245ebe231729b4b5c
cf-ray: 6be19fadad43dfbf-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ Frame 3607 91 KB
32 KB 104ms
58ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:06:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 16:06:56 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 3607 30 KB
7 KB 40ms
23ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 5965774
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 1b00e9671224b437bf3914cf33baf521
cf-ray: 6be19fadad45dfbf-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK fonts.css
bridge.nextgen.com/cdn/nextgen/css/ Frame 3607 5 KB
834 B 509ms
95ms Stylesheet
text/css 199.245.144.60
NEXTGENHEALTH

General

Check archive.org

Show headers Download Go to

Full URL: https://bridge.nextgen.com/cdn/nextgen/css/fonts.css
Requested by: Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.245.144.60 , United States, ASN54577 (NEXTGENHEALTH, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 8d23826d196fbb1d844713d02e53815057775a7bdb249cd6e4b9d1a5f74e66d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2018 16:29:46 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "079a1b11ea4d31:0"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 510

GET
H/1.1 200
OK piUtils.js Show response
ng.nextgen.com/js/ Frame 3607 341 KB
99 KB 110ms
109ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.nextgen.com/js/piUtils.js?ver=2021-09-20
Requested by: Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: 732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:34 GMT
Content-Encoding: gzip
X-Pardot-Route: cb482e8713caadba289bc279c1db8a1d
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Wed, 15 Dec 2021 05:14:54 GMT
Server: PardotServer
ETag: "555a1-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Transfer-Encoding: chunked
Accept-Ranges: bytes
Expires: Fri, 15 Dec 2023 18:09:34 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ Frame 3607 84 KB
30 KB 86ms
41ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 03:21:23 GMT

GET
H2 200 placeholders.min.js Show response
jamesallardice.github.io/Placeholders.js/assets/js/ Frame 3607 5 KB
3 KB 31ms
7ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jamesallardice.github.io/Placeholders.js/assets/js/placeholders.min.js
Requested by: Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 4c141f368da1152af24808794c501b65be66f1550e1b0b2f6c10578fb945eaf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 556318738a609139943e684106acdfffbb3a2193
date: Wed, 15 Dec 2021 18:09:34 GMT
content-encoding: gzip
age: 514
x-cache: HIT
content-length: 2243
x-served-by: cache-hhn4055-HHN
access-control-allow-origin: *
last-modified: Sun, 08 Mar 2015 13:14:00 GMT
server: GitHub.com
x-github-request-id: ADBA:39AB:32B2D:45476:61B50690
x-timer: S1639591774.357063,VS0,VE1
etag: W/"54fc4b18-13d7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Sat, 11 Dec 2021 20:24:08 GMT
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H/1.1 200
OK iframe-sizer.js Show response
www.nextgen.com/scripts/pardot/ Frame 3607 629 B
1 KB 394ms
97ms Script
application/x-javascript 40.71.199.117
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nextgen.com/scripts/pardot/iframe-sizer.js

Requested by

Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.71.199.117 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d4cf0e27e2c0e55886905c8a4e148a14bb01d163fe6c8a8e4ddc33b89eeeb70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:34 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Last-Modified: Fri, 19 Nov 2021 20:11:22 GMT
Server: Microsoft-IIS/10.0
ETag: "011129f81ddd71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://ng.nextgen.com
Permissions-Policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 449
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BCAB 0
18 B 41ms
19ms Document
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.medfusion.com
URL: https://www.medfusion.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-asan /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.medfusion.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.medfusion.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.medfusion.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-asan
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Wed, 15 Dec 2021 18:09:34 GMT

GET
H/1.1 200
OK MetaOffc-Book.ttf
bridge.nextgen.com/cdn/fonts/ Frame 3607 98 KB
98 KB 637ms
233ms Font
application/octet-stream 199.245.144.60
NEXTGENHEALTH

General

Check archive.org

Show headers Download Go to

Full URL: https://bridge.nextgen.com/cdn/fonts/MetaOffc-Book.ttf
Requested by: Host: bridge.nextgen.com
URL: https://bridge.nextgen.com/cdn/nextgen/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 199.245.144.60 , United States, ASN54577 (NEXTGENHEALTH, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 83f64311165ac5f726bac92671cc8a83e5ccec0c2d1fb8d4b292e14ae8311ec1

Request headers

Referer: https://bridge.nextgen.com/cdn/nextgen/css/fonts.css
Origin: https://ng.nextgen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:35 GMT
Last-Modified: Wed, 03 Jan 2018 22:23:50 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "09f8487e184d31:0"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 100544

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 3607 75 KB
76 KB 27ms
15ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://ng.nextgen.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 18:09:34 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 4169520
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 18249dcfed4c9d415508b4a5167bad1c
accept-ranges: bytes
cf-ray: 6be19fb109d84327-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ Frame 3607 5 KB
2 KB 1319ms
103ms Script
application/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: ng.nextgen.com
URL: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 18:09:37 GMT
Content-Encoding: gzip
X-Pardot-Route: b39cd42d381b722267ab9de7e8c10f5d
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
Last-Modified: Wed, 15 Dec 2021 05:14:54 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Fri, 15 Dec 2023 18:09:37 GMT

GET
H/1.0 200
OK analytics Show response
pi.pardot.com/ Frame 3607 1 KB
2 KB 275ms
274ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=749111733&visitor_id_sign=fd2e74b88034090a78dad01e82be3085090c6a364141b32acc6170c046a310728f2302f16aad9e1fe3069a57c0727e8e34a520d1&pi_opt_in=&campaign_id=24616&account_id=489571&title=&url=https%3A%2F%2Fng.nextgen.com%2Fl%2F488571%2F2020-05-19%2Fz1jbn&referrer=https%3A%2F%2Fwww.medfusion.com%2F

Requested by

Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js

Protocol

HTTP/1.0

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

pi0-lba1-2-ue1.aws.pardot.com

Software

PardotServer /

Resource Hash

38931e794b1e58984fb18c296b40138c0fea010b63cef066dbb166e2f03059d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 18:09:37 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/28/85
Vary: Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=31536000; includeSubDomains
P3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 548
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.0 200
OK analytics Show response
ng.nextgen.com/ Frame 3607 50 B
1 KB 227ms
226ms Script
text/javascript 52.21.178.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ng.nextgen.com/analytics?conly=true&pi_form=true&visitor_id=749111733&visitor_id_sign=fd2e74b88034090a78dad01e82be3085090c6a364141b32acc6170c046a310728f2302f16aad9e1fe3069a57c0727e8e34a520d1&pi_opt_in=&campaign_id=24616&account_id=489571&title=&url=https%3A%2F%2Fng.nextgen.com%2Fl%2F488571%2F2020-05-19%2Fz1jbn&referrer=https%3A%2F%2Fwww.medfusion.com%2F
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=749111733&visitor_id_sign=fd2e74b88034090a78dad01e82be3085090c6a364141b32acc6170c046a310728f2302f16aad9e1fe3069a57c0727e8e34a520d1&pi_opt_in=&campaign_id=24616&account_id=489571&title=&url=https%3A%2F%2Fng.nextgen.com%2Fl%2F488571%2F2020-05-19%2Fz1jbn&referrer=https%3A%2F%2Fwww.medfusion.com%2F
Protocol: HTTP/1.0
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.21.178.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-2-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ng.nextgen.com/l/488571/2020-05-19/z1jbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 18:09:37 GMT
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 7044ba9c794aba658bc1be2f8b8ad85c
X-Pardot-Rsp: 16/99/7
Vary: User-Agent
P3p: CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Content-Length: 50
Server: PardotServer
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.medfusion.net/	1969-12-31 23:59:59	Name: BIGipServerColdfusion_http Value: !rKiuZFo8z6rOPjBlq1oiz890oR0PA7VF6d24SmfhGSJBQlJyQjVAckCOayvLJoIvX01mW5Me/Eo7kA==
.doubleclick.net/	1970-01-19 23:26:32	Name: test_cookie Value: CheckForPermission
.medfusion.com/	1970-01-20 16:57:43	Name: _ga Value: GA1.2.14653697.1639591774
.medfusion.com/	1970-01-19 23:27:58	Name: _gid Value: GA1.2.2019098283.1639591774
.medfusion.com/	1970-01-19 23:26:31	Name: _gat_UA-51792752-1 Value: 1
.linkedin.com/	1970-01-20 00:09:43	Name: UserMatchHistory Value: AQLHoE-zfq7djgAAAX2_SQbyfOoAsrcOudHua6tG84rqS1EyxlRXM8vz18lfJpxOLsVIP_ooZIyUdQ
.linkedin.com/	1970-01-20 00:09:43	Name: AnalyticsSyncHistory Value: AQKziqqalXj3DwAAAX2_SQby-dk2-N2FF7lTzW7L-8NcI4t1lDBvWyj_LO_4YHMj4-CM6YAtN9bhxAawDaG2Ow
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:58:25	Name: bcookie Value: "v=2&46cee9dc-aefe-4b2e-82d1-1bce0bc0daf1"
.linkedin.com/	1970-01-19 23:27:58	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2519:u=1:x=1:i=1639591773:t=1639678173:v=2:sig=AQHJ66vmsZD6pFUsUFnUtKAGer9VRtsk"
.medfusion.com/	1970-01-20 01:36:07	Name: _fbp Value: fb.1.1639591774108.421994266
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:58:25	Name: bscookie Value: "v=1&20211215180934d77d7fee-a0d2-4f94-8be0-45a924fa32d8AQEM0aWPSWoADK7ouEvukJDb-KMWxwns"
.linkedin.com/	1970-01-20 16:54:02	Name: li_gc Value: MTswOzE2Mzk1OTE3NzQ7MjswMjEBfJgNkzKLckpgq8f6bfCsKNu6IpLKY0XLtHwJ+Paryw==
ng.nextgen.com/	1970-01-23 15:02:31	Name: visitor_id488571 Value: 749111733
ng.nextgen.com/	1970-01-23 15:02:31	Name: visitor_id488571-hash Value: fd2e74b88034090a78dad01e82be3085090c6a364141b32acc6170c046a310728f2302f16aad9e1fe3069a57c0727e8e34a520d1
.www.nextgen.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 342d58a1e886cd3b4400f45fa31f860f2dee5d82780d9601e895ed04d3af1ccc
.pardot.com/	1970-01-23 15:02:31	Name: visitor_id488571 Value: 749111733
.pardot.com/	1970-01-23 15:02:31	Name: visitor_id488571-hash Value: fd2e74b88034090a78dad01e82be3085090c6a364141b32acc6170c046a310728f2302f16aad9e1fe3069a57c0727e8e34a520d1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://marketing.medfusion.com/cdnr/55/acton/bn/tracker/9313 Message: Failed to load resource: the server responded with a status of 404 (/offsite/notFound.jsp)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bridge.nextgen.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jamesallardice.github.io
marketing.medfusion.com
maxcdn.bootstrapcdn.com
medfusion.com
ng.nextgen.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.medfusion.com
www.medfusion.net
www.nextgen.com
104.155.133.44
108.174.10.14
142.250.186.162
199.245.144.60
207.189.124.55
208.74.47.131
2606:4700::6810:125e
2606:4700::6812:acf
2606:50c0:8002::153
2620:1ec:22::14
2a00:1450:4001:802::200a
2a00:1450:4001:803::200a
2a00:1450:4001:803::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9d
2a02:26f0:6c00::210:ba0a
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
40.71.199.117
52.21.178.134
075421c5bb5ce7cf414683fa0a54d1652136d3f6f743f000ecb0afb7afd71f8d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d2524e50c10ec8af4fbb9d41f5ad68cdc0fef004ca17d460b4ecbdc5c92e085
1e04b5384e74186cfdd9454dbb35734d57ee8b3977a5a5aa23990bb427a15e1a
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
29149706281cb9647d58131768e4287cef554ca4795f1ec97ab53407323f968f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31a353287531f1295fd6765468f8c66db9bfcccfed0f0da1cbcb20096758aaf2
32faaa77f57ba5cfaab4b32a541d077bd40b7f9a0d2a770f4bd749a1167d9680
38931e794b1e58984fb18c296b40138c0fea010b63cef066dbb166e2f03059d4
3a794323056095d4ae3d4bccb01fdb689b186c5343f70248d41e61e951cf72fb
3b0599010f93b79b60fa528f2129bea1fb4ebe1a764943918e91466f26fe7ade
3cf19b89805b438f0766952814e0ddb22b78e85c4379747f6e4dc2defe5de53b
4c141f368da1152af24808794c501b65be66f1550e1b0b2f6c10578fb945eaf2
52a4b0ca24e4841a7abce294011e2ec64d9b20b8a4f3cea1dc1cf4a595923325
5d98d71ea97846e0d6f2ea3227c9ff0aa272b6098ce4413275517b29f459eadb
6ae4e086a771015a918c834be4d0866332df8aab14aa86fd7b0ddcf0d4dd0573
6ee51186e79b085ac3ee37326f6ddb3620cecb46169de9dcc549b828295dbc74
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce
76f5ba4ed6629dc332d7c97ed67d20330dfe18abe961c0b3d186ad945f471fe6
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7e4a3b3071a743481ff2dfd21a9b910b938e4e235d6917181aeeb64a840e9866
818d7e4632bf0259e0acb3488ebf24b7fe30e16554aef7514890a1f6d3956500
83f64311165ac5f726bac92671cc8a83e5ccec0c2d1fb8d4b292e14ae8311ec1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8d23826d196fbb1d844713d02e53815057775a7bdb249cd6e4b9d1a5f74e66d7
8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab
90eecf919ea77eba8308874e7a9509c24b1f1606a5930b760509a89661a5dfbd
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c832d42c5c9055eeee60df459d1aa240fab4c46b4e38322f70889fda61e5532a
c9a3036d260aa3922a0a9ee5b82bcabc0af9a48e37d5fbae62a3b8e4517a99de
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d4cf0e27e2c0e55886905c8a4e148a14bb01d163fe6c8a8e4ddc33b89eeeb70e
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e749ef69ed1ea109f7ddf44b3d310eab039cb4fa113d9a2ed8cbfaa75c9e3b56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16b1e59166e6649b1462f4b294c91d2199bb537663b242f52d09695f0cc4b8a
f27408b033a0195d0f29b0ecbc143f470c4fbb0807472a688b2f9e66403651e0
f4ee99f7b452c67121f363061e636e40d2167ff7ca68e988f3e4e05ae69f27b1
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.medfusion.com Open in urlscan Pro 104.155.133.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

58 Requests

97 %HTTPS

67 %IPv6

19 Domains

27 Subdomains

22 IPs

4 Countries

1824 kBTransfer

4200 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medfusion.com Open in urlscan Pro
104.155.133.44 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

67 %
IPv6

19
Domains

27
Subdomains

22
IPs

4
Countries

1824 kB
Transfer

4200 kB
Size

19
Cookies

58 HTTP transactions
0 data transactions