Submitted URL: https://f1v3ff69.r.us-east-1.awstrack.me/L0/https:%2F%2F1patientatatime.com%2Fpodcast-the-well-informed-patient/1/01000182ba7de73a-4887df...
Effective URL: https://1patientatatime.com/podcast-the-well-informed-patient
Submission: On August 20 via api from US — Scanned from US

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 33 HTTP transactions. The main IP is 75.101.134.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 1patientatatime.com.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.
This is the only time 1patientatatime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 libsyn.com
play.libsyn.com — Cisco Umbrella Rank: 148466
html5-player.libsyn.com — Cisco Umbrella Rank: 51525
assets.libsyn.com — Cisco Umbrella Rank: 53707
ssl-static.libsyn.com — Cisco Umbrella Rank: 44495
1 MB
9 flodesk.com
assets.flodesk.com — Cisco Umbrella Rank: 20821
form.flodesk.com — Cisco Umbrella Rank: 29572
usercontent.flodesk.com — Cisco Umbrella Rank: 31012
447 KB
7 showit.co
lib.showit.co — Cisco Umbrella Rank: 78756
static.showit.co — Cisco Umbrella Rank: 70414
317 KB
4 gstatic.com
fonts.gstatic.com
110 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
ajax.googleapis.com — Cisco Umbrella Rank: 286
33 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219
4 KB
1 1patientatatime.com
1patientatatime.com
15 KB
1 awstrack.me
f1v3ff69.r.us-east-1.awstrack.me — Cisco Umbrella Rank: 115450
175 B
33 8
Domain Requested by
7 assets.flodesk.com 1patientatatime.com
assets.flodesk.com
6 play.libsyn.com 1patientatatime.com
play.libsyn.com
4 static.showit.co 1patientatatime.com
4 fonts.gstatic.com fonts.googleapis.com
3 lib.showit.co 1patientatatime.com
2 fonts.googleapis.com 1patientatatime.com
play.libsyn.com
1 ssl-static.libsyn.com
1 assets.libsyn.com 1 redirects
1 html5-player.libsyn.com play.libsyn.com
1 usercontent.flodesk.com 1patientatatime.com
1 form.flodesk.com assets.flodesk.com
1 ajax.googleapis.com 1patientatatime.com
1 cdnjs.cloudflare.com 1patientatatime.com
1 1patientatatime.com
1 f1v3ff69.r.us-east-1.awstrack.me 1 redirects
33 15
Subject Issuer Validity Valid
1patientatatime.com
R3
2022-07-20 -
2022-10-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-08-03 -
2023-08-02
a year crt.sh
*.showit.co
Amazon
2022-01-23 -
2023-02-19
a year crt.sh
*.flodesk.com
Amazon
2022-07-03 -
2023-08-01
a year crt.sh
*.libsyn.com
Sectigo ECC Organization Validation Secure Server CA
2022-06-01 -
2023-07-02
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh

This page contains 2 frames:

Primary Page: https://1patientatatime.com/podcast-the-well-informed-patient
Frame ID: 994DCB8A981798FB45E3AD722247CBE8
Requests: 23 HTTP requests in this frame

Frame: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Frame ID: 2E21C02F9411D687632AF410A432D427
Requests: 10 HTTP requests in this frame

Screenshot

Page Title

one patient at a time diagnostic sales consulting

Page URL History Show full URLs

  1. https://f1v3ff69.r.us-east-1.awstrack.me/L0/https:%2F%2F1patientatatime.com%2Fpodcast-the-well-informed-patient/1/010... HTTP 302
    https://1patientatatime.com/podcast-the-well-informed-patient Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

53 %
IPv6

8
Domains

15
Subdomains

13
IPs

1
Countries

2390 kB
Transfer

2786 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://f1v3ff69.r.us-east-1.awstrack.me/L0/https:%2F%2F1patientatatime.com%2Fpodcast-the-well-informed-patient/1/01000182ba7de73a-4887df67-b7c6-416f-99e6-f18afbaab85e-000000/JuyJGBYe4nCL4FL_Ue9E27xL6N4=283 HTTP 302
    https://1patientatatime.com/podcast-the-well-informed-patient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://assets.libsyn.com/content/133154379 HTTP 302
  • https://ssl-static.libsyn.com/p/assets/b/d/9/2/bd922fc8189f4822a04421dee9605cbd/The_Well-Informed_Patient_Podcast_1920__1080_px_Instagram_Post_Square.png

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request podcast-the-well-informed-patient
1patientatatime.com/
Redirect Chain
  • https://f1v3ff69.r.us-east-1.awstrack.me/L0/https:%2F%2F1patientatatime.com%2Fpodcast-the-well-informed-patient/1/01000182ba7de73a-4887df67-b7c6-416f-99e6-f18afbaab85e-000000/JuyJGBYe4nCL4FL_Ue9E27...
  • https://1patientatatime.com/podcast-the-well-informed-patient
110 KB
15 KB
Document
General
Full URL
https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.101.134.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-75-101-134-27.compute-1.amazonaws.com
Software
/
Resource Hash
3572eb8018da7d03be149d3766a55e8003a8d3769ece99be34e78a92e46d0afa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 20 Aug 2022 13:52:08 GMT
etag
"7232756df75b1e1460ece8d98cca0093-gzip"
last-modified
Tue, 02 Aug 2022 01:03:19 GMT
vary
Accept-Encoding
x-showit
hosted

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 20 Aug 2022 13:52:07 GMT
Location
https://1patientatatime.com/podcast-the-well-informed-patient
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:600|Qwigley:regular|Playfair+Display:regular|Montserrat:300|Great+Vibes:regular|Fjalla+One:400|Dancing+Script:regular
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e4ccdda6982e45d98cb52673de087e6a77e9a712ef3b368337c8fa40a24e9c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Aug 2022 13:52:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 20 Aug 2022 13:52:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Aug 2022 13:52:08 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/
54 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.4.0/animate.min.css
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 13:52:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1446653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3203
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-d8e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fv3wt01PvPm0AeVhJ5%2FUZbMo90v1nnQquWQk1Y%2Fau7SJAo4zMHOJZ1EDqAPXThkM0GyfOxE%2BaSx1cC4C7L5BwyQgGyaoyECy%2By4n8rSM%2BhRTUCIb7bfyRUfzEyTKQqLbn%2B%2FyChFY%2BVlGCa4kudyVQ3B2"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73db9b935c6f8711-ORD
expires
Thu, 10 Aug 2023 13:52:08 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 21:19:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 21:19:20 GMT
showit-lib.min.js
lib.showit.co/engine/1.4.25/
48 KB
16 KB
Script
General
Full URL
https://lib.showit.co/engine/1.4.25/showit-lib.min.js
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-82.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd3e6712c01b7902e1df532d893f58720f82fc15f926759c12914d5899d9c8fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:01:37 GMT
content-encoding
gzip
last-modified
Mon, 01 Aug 2022 22:39:16 GMT
server
AmazonS3
age
399032
etag
W/"50d326d16672ba334fe59ea67bf94d91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
eFc-s3wRpS-4TE6hj85sOtaeQ-Pc0qnvHbwch8It-c6xAcWigc2kjg==
showit.min.js
lib.showit.co/engine/1.4.25/
59 KB
20 KB
Script
General
Full URL
https://lib.showit.co/engine/1.4.25/showit.min.js
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-82.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54d99768bb29d6fb57dadc8ffeceed8748ebb1d4f18cd717f9779ade85c59087

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:01:37 GMT
content-encoding
gzip
last-modified
Mon, 01 Aug 2022 22:39:16 GMT
server
AmazonS3
age
399032
etag
W/"afa63a3b2f9fa9c176e545e073b675ec"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
_5lWpdICf-3Yi00Ekv5AC2kPi3hzTNsOGGIp19OE-GAZTlSFT07eVA==
showit.css
lib.showit.co/engine/1.4.25/
7 KB
3 KB
Stylesheet
General
Full URL
https://lib.showit.co/engine/1.4.25/showit.css
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-82.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 23:01:19 GMT
content-encoding
gzip
last-modified
Mon, 01 Aug 2022 22:39:15 GMT
server
AmazonS3
age
399050
etag
W/"8e74b817a46d3ed438a34b919f7bd280"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-P1
x-amz-cf-id
q-eZEqXH1MIDz4MbGGEicUskql8zCHizNrH4bb1KViRhYXbAdKfsfg==
universal.js
assets.flodesk.com/
65 KB
24 KB
Script
General
Full URL
https://assets.flodesk.com/universal.js?v=1661003528146
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
af87abef97140cb101fd5b72619475bd731eef126d2ddd78443946101c8cf146

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 07:17:38 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 16 Aug 2022 07:17:33 GMT
Server
AmazonS3
Age
369270
ETag
W/"3aa030b8320cc97a98b356bcd1c9ce83"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Cf-Id
gx1j0VRupdRGRjM5U4TjBeiQ_CvQT_RhYJqcH0CpcckveDPifMf-AQ==
yes
play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/ Frame 2E21
3 KB
3 KB
Document
General
Full URL
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
13402f13456ec0b7b65b24345381b569d80e648e1cfe74c10f87b95a7363d2ef

Request headers

Referer
https://1patientatatime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
2670
content-type
text/html; charset=UTF-8
date
Sat, 20 Aug 2022 13:52:08 GMT
expires
Thu, 1 Jan 1970 00:00:00 GMT
pragma
no-cache
server
Apache
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Qwigley:regular|Playfair+Display:regular|Montserrat:300|Great+Vibes:regular|Fjalla+One:400|Dancing+Script:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1patientatatime.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:24:40 GMT
x-content-type-options
nosniff
age
98848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 10:24:40 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Qwigley:regular|Playfair+Display:regular|Montserrat:300|Great+Vibes:regular|Fjalla+One:400|Dancing+Script:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1patientatatime.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 21:24:13 GMT
x-content-type-options
nosniff
age
404875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19860
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 21:24:13 GMT
Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
fonts.gstatic.com/s/fjallaone/v13/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/fjallaone/v13/Yq6R-LCAWCX3-6Ky7FAFrOF6kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600|Qwigley:regular|Playfair+Display:regular|Montserrat:300|Great+Vibes:regular|Fjalla+One:400|Dancing+Script:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1patientatatime.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 10:24:53 GMT
x-content-type-options
nosniff
age
98835
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16588
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:38:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Aug 2023 10:24:53 GMT
untitled_design_6.png
static.showit.co/1200/gmGVZ9VJRTKQQJn2QJgVhQ/112014/
208 KB
209 KB
Image
General
Full URL
https://static.showit.co/1200/gmGVZ9VJRTKQQJn2QJgVhQ/112014/untitled_design_6.png
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-41.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
42b22ace13609631d7059a1ed4bf7383ea994122fb562c08ca262c1c7eaa184b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 10:23:28 GMT
via
1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
last-modified
Mon, 28 Sep 2020 21:02:57 GMT
server
nginx
age
12520
etag
47e7f90196c6115c9ad10eb9320991b5
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C4
content-length
212720
x-amz-cf-id
GgF1E1Gs_hOvHR_WJu2zP5gBTBxu1imbOgy1oYI4XsNLXzWdEudCOA==
img_0389.jpg
static.showit.co/400/mL1wHffMTGKw2Ct2vUb5Rw/112014/
37 KB
37 KB
Image
General
Full URL
https://static.showit.co/400/mL1wHffMTGKw2Ct2vUb5Rw/112014/img_0389.jpg
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-41.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
1d5a0b916ee17211604b926bbedca3a9596d68fee6d5fb7df5a9f4b468f38fef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 13:52:08 GMT
via
1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
last-modified
Mon, 04 Jan 2021 02:53:49 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
aedcfdca59da6be0f829dacf046d833e
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
content-length
37734
x-amz-cf-id
rYXq1vgj46AHdRfxynQtpiWXvTuCwqloU-Adk5F6MWX5ckVYQF0OzQ==
img-8214.jpg
static.showit.co/400/6yaRj4rzTQm0Q4gJKAbU7Q/112014/
32 KB
32 KB
Image
General
Full URL
https://static.showit.co/400/6yaRj4rzTQm0Q4gJKAbU7Q/112014/img-8214.jpg
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-41.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
4ed0b6c41164dc2732768e8431ed636e3919cbeb923ca35eae47462771ddcf94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 13:52:08 GMT
via
1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
last-modified
Sun, 05 Jul 2020 17:18:05 GMT
server
nginx
x-amz-cf-pop
EWR52-C4
etag
eaf962f01dd1d658c9cd439445fdc001
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=86400
content-length
32860
x-amz-cf-id
WYrrxitJRuNCje1tMxoqZsMukDEZ6mhZOnTY7HOfDn0L9KG7uRqUQg==
arrow_icon.svg
static.showit.co/file/wTroOZ6vQNmHneYVO6CpKg/shared/
743 B
1 KB
Image
General
Full URL
https://static.showit.co/file/wTroOZ6vQNmHneYVO6CpKg/shared/arrow_icon.svg
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-41.ewr52.r.cloudfront.net
Software
nginx /
Resource Hash
e321a0edabcd06de3953c54d88d0c8b9fd78c041c8155c23f620b05bec356fe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sun, 14 Aug 2022 09:51:55 GMT
via
1.1 bb784f1db0a47d55a8953c84e49cfa34.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2016 22:31:24 GMT
server
nginx
age
532813
etag
a24e7a6163d3fec70f5580ec6bd1fdc4
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR52-C4
content-length
743
x-amz-cf-id
MMcJgqQYl9QBUgKueOZwd2_ZNqd-y0j_fm8mJ8S116O_5KAvqGPInA==
5f174d0ba9d4040027d9e063
form.flodesk.com/forms/
31 KB
5 KB
XHR
General
Full URL
https://form.flodesk.com/forms/5f174d0ba9d4040027d9e063
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1661003528146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:8600:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3e4e50e0fc0b59f3a43d87ef41f29c9c0e1f1362351b48c0f7cb8ae1cc689ee8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 13:52:08 GMT
content-encoding
gzip
x-amz-cf-pop
EWR53-P1
vary
Origin
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
L9c91LPJMidSIhElfBYKIlUgGXoytG8fUYvlHPuLdzMr5AsYuj9JZQ==
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
css2
fonts.googleapis.com/ Frame 2E21
6 KB
756 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 20 Aug 2022 13:29:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 20 Aug 2022 13:52:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Aug 2022 13:52:08 GMT
2.f2146f9a.chunk.css
play.libsyn.com/static/css/ Frame 2E21
57 KB
58 KB
Stylesheet
General
Full URL
https://play.libsyn.com/static/css/2.f2146f9a.chunk.css
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
b8a6d06fadeb8189be49982ca4c8bef9f915fac6c81549006dd3b141e8de1222

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:08 GMT
server
Apache
content-type
text/css
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
58727
expires
Thu, 1 Jan 1970 00:00:00 GMT
main.133cb81a.chunk.css
play.libsyn.com/static/css/ Frame 2E21
31 KB
31 KB
Stylesheet
General
Full URL
https://play.libsyn.com/static/css/main.133cb81a.chunk.css
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
f9626ab3270d988624093fbf4907d8aadeabcc36493eba91b2262dc2f501ff90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:08 GMT
server
Apache
content-type
text/css
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
31329
expires
Thu, 1 Jan 1970 00:00:00 GMT
2.8aaa0358.chunk.js
play.libsyn.com/static/js/ Frame 2E21
847 KB
848 KB
Script
General
Full URL
https://play.libsyn.com/static/js/2.8aaa0358.chunk.js
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
aa3205545255799d0ee1301df46dabe118a8a8d281070737a4b6701861a6a26c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:08 GMT
server
Apache
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
867240
expires
Thu, 1 Jan 1970 00:00:00 GMT
main.80b61f5d.chunk.js
play.libsyn.com/static/js/ Frame 2E21
39 KB
39 KB
Script
General
Full URL
https://play.libsyn.com/static/js/main.80b61f5d.chunk.js
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
73d05cc773c4ef6fbe625f89c3078d1ea1823589c8738eaff9acaf5e3c44fc6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:08 GMT
server
Apache
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
39834
expires
Thu, 1 Jan 1970 00:00:00 GMT
brandongrotesque.css
assets.flodesk.com/
2 KB
941 B
Stylesheet
General
Full URL
https://assets.flodesk.com/brandongrotesque.css
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1661003528146
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fda7bf04ed7c2151dd3faa1fb08ea871c2f19442bbf99bc5449d4c5511246ac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 07:17:43 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 16 Aug 2022 07:17:31 GMT
Server
AmazonS3
Age
369266
ETag
W/"7fae574828901fca881839d1bb790b62"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Cf-Id
0MM1E5njUdwM_d4FOPHWRFKzNJFZ3anTzAielbYSWY2IgQzZPlN3cA==
1526.14b9c8e1fe34e08ec2d9.js
assets.flodesk.com/
34 KB
13 KB
Script
General
Full URL
https://assets.flodesk.com/1526.14b9c8e1fe34e08ec2d9.js
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1661003528146
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b9072d7c09a5c6bfe1b0f7c2590c008710081dc8b6e2d899093d4ae00087221

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 07:17:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 16 Aug 2022 07:16:59 GMT
Server
AmazonS3
Age
369270
ETag
W/"90b20658264407f3ce2c90e1ff4fca1a"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Cf-Id
Rdn0TWB_P7B61HZBaZ8QAAHgLldfh_N4gdiNBjU-YcFt2fg9C_pQng==
6385.771ed92a7af0df0fabbf.js
assets.flodesk.com/
29 KB
11 KB
Script
General
Full URL
https://assets.flodesk.com/6385.771ed92a7af0df0fabbf.js
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1661003528146
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccc4b56cc70afbb70d9268c61d26b1f9a0906e7f66f5b7b133299742e956ceee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 07:17:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 16 Aug 2022 07:17:01 GMT
Server
AmazonS3
Age
369270
ETag
W/"3c2f14ff97b5a32266feee21ce4435ca"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 f5b36a6d650578e8cf7b1700c37caa00.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Cf-Id
62bH430I6jeDElY0_GGA8uKuR_R9eKWO8fsaIfUBtXhsxCiVmvvesw==
7650.291bc19389e190fc4152.js
assets.flodesk.com/
14 KB
5 KB
Script
General
Full URL
https://assets.flodesk.com/7650.291bc19389e190fc4152.js
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.js?v=1661003528146
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32a862b6817d784636e392750c58f61dab9d8495599266d772def05070d90f07

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 16 Aug 2022 07:17:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 16 Aug 2022 07:17:02 GMT
Server
AmazonS3
Age
369269
ETag
W/"efaac91cc51cfdaafbeb73bee9a23e50"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Cf-Id
iLdWKgVWP8Kz6GCBIv8OVwqI8H3qWP9xa-FgZYB60KCce98gVu_55Q==
img-0350_110c06ab-c883-46ab-9b38-91cbb0b8a08a.jpg
usercontent.flodesk.com/cf2b555f-abdc-4c5d-8efa-db5945b9c447/upload/
126 KB
127 KB
Image
General
Full URL
https://usercontent.flodesk.com/cf2b555f-abdc-4c5d-8efa-db5945b9c447/upload/img-0350_110c06ab-c883-46ab-9b38-91cbb0b8a08a.jpg
Requested by
Host: 1patientatatime.com
URL: https://1patientatatime.com/podcast-the-well-informed-patient
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:f200:16:5ccd:c900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba6e493573ad21ccf337cb6652b74e3a58e7dabeebab37809cdad628c646c506

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1patientatatime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 10:23:29 GMT
Via
1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 21 Jul 2020 20:19:48 GMT
Server
AmazonS3
Age
12520
Etag
"138e68c12797380435513557d437723d"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
EWR50-C1
Accept-Ranges
bytes
Content-Length
129309
X-Amz-Cf-Id
w35B42BVPdWE4LcRyWXKzeYdRvP2RxXOmlVz4IbKW3v7U4w-m_Cdrg==
4b093d9b453a04a6ab5c.otf
assets.flodesk.com/
128 KB
129 KB
Font
General
Full URL
https://assets.flodesk.com/4b093d9b453a04a6ab5c.otf
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/brandongrotesque.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b780a0af266a92441e84f63fb08bcc9fb96fffb35a4aa773965b4e65d183ec5

Request headers

Referer
https://assets.flodesk.com/brandongrotesque.css
Origin
https://1patientatatime.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 10:23:29 GMT
Via
1.1 8770cedbbb1c2feb157dc67ce83fe00c.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
12520
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
131364
Last-Modified
Tue, 16 Aug 2022 07:17:00 GMT
Server
AmazonS3
ETag
"cb6415eaad7634756dc5272fcd5e5bf2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, PUT, HEAD, POST, DELETE
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
JFK50-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
IdBpIVjwKtNyw6rqffql1y-gLchgJXru9mgeoNwODIac07j4jcorEg==
a38520a220299be7c79d.otf
assets.flodesk.com/
132 KB
133 KB
Font
General
Full URL
https://assets.flodesk.com/a38520a220299be7c79d.otf
Requested by
Host: assets.flodesk.com
URL: https://assets.flodesk.com/brandongrotesque.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ba00:f:b2f5:a240:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0178b0b34f1550ffbfdd023f518e7d2c820ecd40827fec9afa47c9601f04009

Request headers

Referer
https://assets.flodesk.com/brandongrotesque.css
Origin
https://1patientatatime.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 20 Aug 2022 13:52:09 GMT
Via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop
JFK50-P1
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
135056
Last-Modified
Tue, 16 Aug 2022 07:17:03 GMT
Server
AmazonS3
ETag
"d2495520d7f19a4d38f0b127aeaffc0c"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, PUT, HEAD, POST, DELETE
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
GgrDuDOFGXqSVVATc-SpW0xUjhOXhzVGA4U6R7iAnRigeiM-zgDgtw==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 2E21
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 Perth Amboy, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.libsyn.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 18:52:16 GMT
x-content-type-options
nosniff
age
413993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Aug 2023 18:52:16 GMT
23914134
html5-player.libsyn.com/api/episode/id/ Frame 2E21
4 KB
5 KB
XHR
General
Full URL
https://html5-player.libsyn.com/api/episode/id/23914134
Requested by
Host: play.libsyn.com
URL: https://play.libsyn.com/static/js/2.8aaa0358.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.221 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
f3f5bf4fbfa2f0095efc7184e58564d70460cb5d1d82cbd9456afc1cfb7b2f75

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.libsyn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:09 GMT
server
Apache
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-libsyn-host
(null)
accept-ranges
bytes
content-length
4242
expires
Thu, 19 Nov 1981 08:52:00 GMT
libsyn-logo.png
play.libsyn.com/assets/ Frame 2E21
26 KB
26 KB
Image
General
Full URL
https://play.libsyn.com/assets/libsyn-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.16.246.214 Pittsburgh, United States, ASN20326 (TERASWITCH, US),
Reverse DNS
Software
Apache /
Resource Hash
1a004f20eaa9867518c2ab5965800a0b6b9dc697e80bac33f41b26ceea547024

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/embed/episode/id/23914134/height/128/theme/modern/size/standard/thumbnail/yes/custom-color/da9786/time-start/00:00:00/playlist-height/200/direction/backward/download/yes
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 13:52:09 GMT
server
Apache
content-type
image/png
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
26728
expires
Thu, 1 Jan 1970 00:00:00 GMT
The_Well-Informed_Patient_Podcast_1920__1080_px_Instagram_Post_Square.png
ssl-static.libsyn.com/p/assets/b/d/9/2/bd922fc8189f4822a04421dee9605cbd/ Frame 2E21
Redirect Chain
  • https://assets.libsyn.com/content/133154379
  • https://ssl-static.libsyn.com/p/assets/b/d/9/2/bd922fc8189f4822a04421dee9605cbd/The_Well-Informed_Patient_Podcast_1920__1080_px_Instagram_Post_Square.png
453 KB
453 KB
Image
General
Full URL
https://ssl-static.libsyn.com/p/assets/b/d/9/2/bd922fc8189f4822a04421dee9605cbd/The_Well-Informed_Patient_Podcast_1920__1080_px_Instagram_Post_Square.png
Protocol
H2
Server
2600:9000:23cb:e000:7:ea59:6a00:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd3f8ddd636ee8396d412968ea37bfd8e709773f5c464184ba4c69a41546ca51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://play.libsyn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 02:54:17 GMT
via
1.1 80d5d65d27a0450c8f0018381b103d7a.cloudfront.net (CloudFront)
last-modified
Tue, 02 Aug 2022 00:40:36 GMT
server
AmazonS3
age
39473
etag
"7bfe2d4f9b4ccd372b16020079766eb9"
vary
Origin
x-cache
Hit from cloudfront
x-amz-version-id
TJsi_3ACfpv43bQjKxnOjV.RuQEgPnp6
x-amz-cf-pop
JFK50-P1
accept-ranges
bytes
content-type
image/png
content-length
463377
x-amz-cf-id
cXaIqS1v1z21g-YOSwiVXZT8LJot5dXntxda-TP3wW6nlXOe0Pi9JQ==

Redirect headers

location
https://ssl-static.libsyn.com/p/assets/b/d/9/2/bd922fc8189f4822a04421dee9605cbd/The_Well-Informed_Patient_Podcast_1920__1080_px_Instagram_Post_Square.png
date
Sat, 20 Aug 2022 13:52:09 GMT
x-libsyn-host
t3
access-control-allow-origin
*
content-length
0
server
Apache
content-type
text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| FlodeskObject function| fd function| $ function| jQuery object| device function| Waypoint function| lazyload function| showit-lib object| showit function| initPage object| S5 string| waypointContextKey object| webpackChunk_dev_assets

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1patientatatime.com
ajax.googleapis.com
assets.flodesk.com
assets.libsyn.com
cdnjs.cloudflare.com
f1v3ff69.r.us-east-1.awstrack.me
fonts.googleapis.com
fonts.gstatic.com
form.flodesk.com
html5-player.libsyn.com
lib.showit.co
play.libsyn.com
ssl-static.libsyn.com
static.showit.co
usercontent.flodesk.com
204.16.246.214
204.16.246.216
204.16.246.221
2600:9000:21ea:f200:16:5ccd:c900:93a1
2600:9000:2209:8600:f:9de7:2240:93a1
2600:9000:23cb:ba00:f:b2f5:a240:93a1
2600:9000:23cb:e000:7:ea59:6a00:93a1
2606:4700::6811:190e
2607:f8b0:4006:80e::2003
2607:f8b0:4006:817::200a
2607:f8b0:4006:822::200a
52.85.61.82
54.165.187.187
75.101.134.27
99.84.37.41
13402f13456ec0b7b65b24345381b569d80e648e1cfe74c10f87b95a7363d2ef
1a004f20eaa9867518c2ab5965800a0b6b9dc697e80bac33f41b26ceea547024
1d5a0b916ee17211604b926bbedca3a9596d68fee6d5fb7df5a9f4b468f38fef
1e4ccdda6982e45d98cb52673de087e6a77e9a712ef3b368337c8fa40a24e9c1
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
2b780a0af266a92441e84f63fb08bcc9fb96fffb35a4aa773965b4e65d183ec5
32a862b6817d784636e392750c58f61dab9d8495599266d772def05070d90f07
3572eb8018da7d03be149d3766a55e8003a8d3769ece99be34e78a92e46d0afa
3e4e50e0fc0b59f3a43d87ef41f29c9c0e1f1362351b48c0f7cb8ae1cc689ee8
42b22ace13609631d7059a1ed4bf7383ea994122fb562c08ca262c1c7eaa184b
4ed0b6c41164dc2732768e8431ed636e3919cbeb923ca35eae47462771ddcf94
4fda7bf04ed7c2151dd3faa1fb08ea871c2f19442bbf99bc5449d4c5511246ac
54d99768bb29d6fb57dadc8ffeceed8748ebb1d4f18cd717f9779ade85c59087
54eb546ba2203d87ad9a38ffdb92fdfed9733e08239dbea692a1ca059a287480
6b9072d7c09a5c6bfe1b0f7c2590c008710081dc8b6e2d899093d4ae00087221
73d05cc773c4ef6fbe625f89c3078d1ea1823589c8738eaff9acaf5e3c44fc6d
837f8b46e17fedf595bc8784a22d87aa835ff52d20d931184ddc854c09fbfb73
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
aa3205545255799d0ee1301df46dabe118a8a8d281070737a4b6701861a6a26c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af87abef97140cb101fd5b72619475bd731eef126d2ddd78443946101c8cf146
b0178b0b34f1550ffbfdd023f518e7d2c820ecd40827fec9afa47c9601f04009
b8a6d06fadeb8189be49982ca4c8bef9f915fac6c81549006dd3b141e8de1222
ba6e493573ad21ccf337cb6652b74e3a58e7dabeebab37809cdad628c646c506
ccc4b56cc70afbb70d9268c61d26b1f9a0906e7f66f5b7b133299742e956ceee
cd3e6712c01b7902e1df532d893f58720f82fc15f926759c12914d5899d9c8fa
db2df9b83da7ae87099495c1e14f9b94d416fa284ede72231aba757190884a30
dd3f8ddd636ee8396d412968ea37bfd8e709773f5c464184ba4c69a41546ca51
e321a0edabcd06de3953c54d88d0c8b9fd78c041c8155c23f620b05bec356fe6
f3f5bf4fbfa2f0095efc7184e58564d70460cb5d1d82cbd9456afc1cfb7b2f75
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9626ab3270d988624093fbf4907d8aadeabcc36493eba91b2262dc2f501ff90
fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47