Submitted URL: https://fohrims.com/
Effective URL: https://mdmedica.com/
Submission: On September 28 via api from BE — Scanned from DE

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 64 HTTP transactions. The main IP is 2600:9000:21f3:7c00:b:78e7:6080:93a1, located in United States and belongs to AMAZON-02, US. The main domain is mdmedica.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 2nd 2024. Valid for: a year.
This is the only time mdmedica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
24 mdmedica.com
www.mdmedica.com
mdmedica.com
713 KB
9 fohrims.com
fohrims.com
147 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
473 KB
4 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 3721
394 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3391
www.google-analytics.com — Cisco Umbrella Rank: 52
22 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 9833
126 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
599 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
2 gstatic.com
fonts.gstatic.com
34 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
76 KB
2 legitscript.com
static.legitscript.com — Cisco Umbrella Rank: 35007
15 KB
1 whitelabelmd.com
api.whitelabelmd.com
291 B
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 2685
api-iam.intercom.io Failed
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
936 B
1 looksmartppc.com
xml.looksmartppc.com
179 B
64 16
Domain Requested by
23 mdmedica.com fohrims.com
mdmedica.com
9 fohrims.com fohrims.com
5 www.googletagmanager.com fohrims.com
mdmedica.com
www.googletagmanager.com
4 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
2 www.facebook.com mdmedica.com
2 www.google.de mdmedica.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net mdmedica.com
connect.facebook.net
2 static.legitscript.com mdmedica.com
2 region1.google-analytics.com www.googletagmanager.com
1 api.whitelabelmd.com mdmedica.com
1 widget.intercom.io mdmedica.com
1 fonts.googleapis.com mdmedica.com
1 www.mdmedica.com 1 redirects
1 xml.looksmartppc.com 1 redirects
0 api-iam.intercom.io Failed js.intercomcdn.com
64 19
Subject Issuer Validity Valid
fohrims.com
R11
2024-09-23 -
2024-12-22
3 months crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
mdmedica.com
Amazon RSA 2048 M03
2024-02-02 -
2025-03-03
a year crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
legitscript.com
WE1
2024-08-10 -
2024-11-08
3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03
2024-01-15 -
2025-02-11
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-07 -
2024-10-05
3 months crt.sh
whitelabelmd.com
Amazon RSA 2048 M03
2024-07-24 -
2025-08-23
a year crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.de
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh

This page contains 2 frames:

Primary Page: https://mdmedica.com/
Frame ID: 7067F22BEDFFA078904D896633FFA967
Requests: 65 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.9f6a59b4.js
Frame ID: CD105670B21A3570E3E497CF31E22FF8
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

MDMEDICA

Page URL History Show full URLs

  1. https://fohrims.com/ Page URL
  2. http://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s... HTTP 307
    https://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s... HTTP 302
    https://www.mdmedica.com/ HTTP 302
    https://mdmedica.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

64
Requests

97 %
HTTPS

65 %
IPv6

16
Domains

19
Subdomains

16
IPs

3
Countries

1881 kB
Transfer

4641 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fohrims.com/ Page URL
  2. http://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s+health+hair+loss+treatment+erectile+dysfunction+skincare+mental+health+telehealth+online+doctor+consultations+prescription+medications+health+advice&default_url=https://www.mdmedica.com/ HTTP 307
    https://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s+health+hair+loss+treatment+erectile+dysfunction+skincare+mental+health+telehealth+online+doctor+consultations+prescription+medications+health+advice&default_url=https://www.mdmedica.com/ HTTP 302
    https://www.mdmedica.com/ HTTP 302
    https://mdmedica.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
fohrims.com/
4 KB
2 KB
Document
General
Full URL
https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cf6523ae83ffbae5cd623c07593a13c4b12f0b163f1c3c043439e023cedebf00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
427966
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 28 Sep 2024 00:15:28 GMT
etag
W/"42346738b070cda1b2f723515807c2e5"
server
Vercel
strict-transport-security
max-age=63072000
vary
RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path
/
x-vercel-cache
HIT
x-vercel-id
fra1::5fp54-1727482528248-e77328ac3af4
a34f9d1faa5f3315-s.p.woff2
fohrims.com/_next/static/media/
47 KB
48 KB
Font
General
Full URL
https://fohrims.com/_next/static/media/a34f9d1faa5f3315-s.p.woff2
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://fohrims.com
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
x-vercel-cache
HIT
etag
"d4fe31e6a2aebc06b8d6e558c9141119"
age
428515
x-matched-path
/_next/static/media/a34f9d1faa5f3315-s.p.woff2
accept-ranges
bytes
access-control-allow-origin
*
content-length
48556
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="a34f9d1faa5f3315-s.p.woff2"
content-type
font/woff2
server
Vercel
x-vercel-id
fra1::z7rvc-1727482528506-734a3cff1954
96240fe279f82fcd.css
fohrims.com/_next/static/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://fohrims.com/_next/static/css/96240fe279f82fcd.css
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c194e583fbe59beaca5100af6996159dbd0f20ba21a70eee1c61292d06d0b840
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
content-encoding
br
x-vercel-cache
HIT
etag
W/"e889f4e76ebfa4fac14ddaf3b5b195fd"
age
428515
x-matched-path
/_next/static/css/96240fe279f82fcd.css
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="96240fe279f82fcd.css"
content-type
text/css; charset=utf-8
server
Vercel
x-vercel-id
fra1::swbcx-1727482528506-cdee4d674aaa
webpack-77ce0e0e28f55d28.js
fohrims.com/_next/static/chunks/
4 KB
2 KB
Script
General
Full URL
https://fohrims.com/_next/static/chunks/webpack-77ce0e0e28f55d28.js
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cb5e194ef7358852d826919eb8855e2ce008fca1f548b17193b24ad158e98da9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
content-encoding
br
x-vercel-cache
HIT
etag
W/"01478b6effc6186279895d130df0a67a"
age
428515
x-matched-path
/_next/static/chunks/webpack-77ce0e0e28f55d28.js
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="webpack-77ce0e0e28f55d28.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
fra1::j4b2q-1727482528506-beaa0adb7c7d
fd9d1056-6184565b3c21c232.js
fohrims.com/_next/static/chunks/
169 KB
54 KB
Script
General
Full URL
https://fohrims.com/_next/static/chunks/fd9d1056-6184565b3c21c232.js
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
content-encoding
br
x-vercel-cache
HIT
etag
W/"89ef5cbeacece4bcb75bbefbaec33dc9"
age
428515
x-matched-path
/_next/static/chunks/fd9d1056-6184565b3c21c232.js
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="fd9d1056-6184565b3c21c232.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
fra1::mbcnv-1727482528544-c6b4f04dd4b4
23-20f959bf0534b801.js
fohrims.com/_next/static/chunks/
120 KB
32 KB
Script
General
Full URL
https://fohrims.com/_next/static/chunks/23-20f959bf0534b801.js
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
839d821426383cc0f978a6a20074e6f5524d23ad66f19bdb883f6874bca1cfce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
content-encoding
br
x-vercel-cache
HIT
etag
W/"4a2d7c3d59d9298d8e3dfdd6134a4eca"
age
428515
x-matched-path
/_next/static/chunks/23-20f959bf0534b801.js
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="23-20f959bf0534b801.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
fra1::f86wh-1727482528506-18db064ab1db
main-app-f73cdb3bce740b12.js
fohrims.com/_next/static/chunks/
462 B
641 B
Script
General
Full URL
https://fohrims.com/_next/static/chunks/main-app-f73cdb3bce740b12.js
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e70d963e7f59350b16dcba9796ad8aec2001738b6756509c4ea77e2bfb0921f0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
x-vercel-cache
HIT
etag
"8eedc9e8ab2a40373eb62a03672a39d1"
age
428515
x-matched-path
/_next/static/chunks/main-app-f73cdb3bce740b12.js
accept-ranges
bytes
access-control-allow-origin
*
content-length
462
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="main-app-f73cdb3bce740b12.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
fra1::s88sv-1727482528506-1de15109c83d
page-247eac96fe5781b7.js
fohrims.com/_next/static/chunks/app/
22 KB
4 KB
Script
General
Full URL
https://fohrims.com/_next/static/chunks/app/page-247eac96fe5781b7.js
Requested by
Host: fohrims.com
URL: https://fohrims.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9543dfee27c5e261bea887446d68718f9d8e6e1b9dcefe66786244fa889989bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public,max-age=31536000,immutable
content-encoding
br
x-vercel-cache
HIT
etag
W/"adee31fd0cf2c4187b83222241c660fe"
age
428515
x-matched-path
/_next/static/chunks/app/page-247eac96fe5781b7.js
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="page-247eac96fe5781b7.js"
content-type
application/javascript; charset=utf-8
server
Vercel
x-vercel-id
fra1::wjnhv-1727482528506-72eedcec1c4a
js
www.googletagmanager.com/gtag/
311 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GBWN1FVJNJ
Requested by
Host: fohrims.com
URL: https://fohrims.com/_next/static/chunks/app/page-247eac96fe5781b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fae245d1a504fe6d973d512d63ea4fc620a840e4c1d849e421654450b507359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 00:15:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105565
x-xss-protection
0
server
Google Tag Manager
favicon.ico
fohrims.com/
7 KB
2 KB
Other
General
Full URL
https://fohrims.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
089d7e34b37f0671ef4b1d8576da6e6fafcc9ca50b14b6af23d9c7f0022f2dbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

strict-transport-security
max-age=63072000
cache-control
public, max-age=0, must-revalidate
content-encoding
br
x-vercel-cache
HIT
etag
W/"bb621fea04a33682d3b60fa4c9a2d88d"
age
428640
x-matched-path
/404
access-control-allow-origin
*
date
Sat, 28 Sep 2024 00:15:28 GMT
content-disposition
inline; filename="404"
content-type
text/html; charset=utf-8
server
Vercel
x-vercel-id
fra1::8fzcg-1727482528691-e9c132ab0b52
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GBWN1FVJNJ&gtm=45je49p0v9195764573za200&_p=1727482528905&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=458171120.1727482529&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727482528&sct=1&seg=0&dl=https%3A%2F%2Ffohrims.com%2F&dt=loading...&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=828
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBWN1FVJNJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fohrims.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:29 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GBWN1FVJNJ&gtm=45je49p0v9195764573za200&_p=1727482528905&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=458171120.1727482529&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&dl=https%3A%2F%2Ffohrims.com%2F&dt=loading...&sid=1727482528&sct=1&seg=1&en=page_view&_ee=1&_et=3&tfd=839
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GBWN1FVJNJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://fohrims.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://fohrims.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:29 GMT
content-type
text/plain
server
Golfe2
Primary Request /
mdmedica.com/
Redirect Chain
  • http://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s+health+hair+loss+treatment+erectile+dysfunction+skincare+mental+health+telehealth+online+doc...
  • https://xml.looksmartppc.com/redirect?feed=692294&subid=fohrims.com&url=fohrims.com&query=forhims+men%27s+health+hair+loss+treatment+erectile+dysfunction+skincare+mental+health+telehealth+online+do...
  • https://www.mdmedica.com/
  • https://mdmedica.com/
125 KB
23 KB
Document
General
Full URL
https://mdmedica.com/
Requested by
Host: fohrims.com
URL: https://fohrims.com/_next/static/chunks/app/page-247eac96fe5781b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b592cc773c7a7def7358cb67a777a3fe65bef9af091e8d61d8b51cfe99522f0b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
5366
content-encoding
br
content-type
text/html
date
Fri, 27 Sep 2024 22:46:05 GMT
etag
W/"2a25cf455d33518b5713c7b20c86ff96"
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-id
Zxz8PJ-Wllt1QmIV0Bqu0To64fsu5vPYGL9xKStqDdu77zKDkcbMPg==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront

Redirect headers

content-length
145
content-type
text/html
date
Sat, 28 Sep 2024 00:15:30 GMT
location
https://mdmedica.com/
server
nginx/1.24.0
frontend.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/
117 KB
18 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/frontend.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e53625d097a14ef03681794fed1a70fd1b5786ff3a89af1193e5bdb3ebf7ac18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"e266a0edee88f2e26ea4d21eabf0ea3c"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
D8ozHo3WVdHWQgHlargvugBXAV6DuN9wmTPDtfDGlOpeQCJLIJALAA==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
font-awesome-6-brands.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/libs/
18 KB
5 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
35ab26e87512eed820fb736b3458ecf49f7ed81d65f6f758e8666ae30ee481a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"e8992cd762b48994df213d95a961e927"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
gqMjUJLQJYrOrCl8YDLT7PP0GP9voMj57wHf2-VPP-8b7XHiwTnTHg==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
font-awesome-6.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/libs/
79 KB
17 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
199ea0f8225456cdb13c1478970b43fc6ab31e7c99005e4dc4ebc922dc8c2f17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"f33958e6b88a6fa94334a9688d18cb04"
age
39275
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
umRPJFMK2M9akTOAfQPqCutSm83EhF5gSuImE6zVxTm03qa5-4sCQA==
date
Fri, 27 Sep 2024 13:20:55 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
ionicons.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/libs/
29 KB
5 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dca46186d298d744678f08fb04ce50ae96478c0c1b09d6a11e3e7fba39f31f63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"7ac6671de8a1b26a2d2e9f8c879664a9"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kaGsdQ7HXS2cQakNTEFj5BRBaYfn8OiYYyBZNXQ4OMgE-2taKbSmLg==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
themify-icons.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/libs/
14 KB
3 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ace508de9bd970554cf4c0b0182df0fe475d62cf2589bdc6aab3740046f48f10

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"11d04057965a22ad3dea37d29852c3e7"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hHXfsS_QoULaqXOHohq1pFu-qOP8UJaxTogl74qpMCtyRK7zXpNejQ==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
splide.min.css
mdmedica.com/wp-content/themes/bricks/assets/css/libs/
4 KB
1 KB
Stylesheet
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/splide.min.css?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eda9c683e93397090afcdc57ad8f445437f2a6facfb4f7c7e2b3b1af49a92757

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"bb83a38265697455b95d81c9456de6a2"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
FnAzNWfgCbFsPjNxOl81OsJIvM-CrQEGuqmzz7nrD5ybenKDvdLUJw==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
text/css
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
css2
fonts.googleapis.com/
3 KB
936 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1fb59a493c6ef06997fc23a1555b41c4e2563553f65826565e248986635fc26b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 00:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 28 Sep 2024 00:14:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
js
www.googletagmanager.com/gtag/
289 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-KDT9F64
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dcdd3fa20d528497ea4a1ad00eb280c4eba2f279919bec83273e8448bd765b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 00:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
102226
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
227 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-NSLRV9N
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a422aac4e9c75a288f1d2f335d9d73bdf26d44719d69dede4f998a4185c5133f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 00:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81499
x-xss-protection
0
server
Google Tag Manager
wlmd-intake-func-v4.6.js
mdmedica.com/wp-content/uploads/common/
50 KB
13 KB
Script
General
Full URL
https://mdmedica.com/wp-content/uploads/common/wlmd-intake-func-v4.6.js
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef642ea61846bd0bd56efdcab9a0dd97758512b629a0f079a5bb0bbf6f6899ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
etag
W/"d93e9fcd2190c6c2bd2e00e65fb8fb53"
age
60794
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Ropj95hqKCEtotBIRtI99_32hGC-4OsjBGV2BDyczB_eAdbw7fKZ4A==
date
Fri, 27 Sep 2024 07:22:17 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 22:38:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
MD-Medica-Final-Logo.png
mdmedica.com/wp-content/uploads/2024/03/
6 KB
6 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/2024/03/MD-Medica-Final-Logo.png
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a13b995bbee34ec12654a3414cc608ad286568f6677cffb59b7cc3894d42b0e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"f3f0526a605b5a0574a007b4dd3a37f0"
age
84042
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
5719
x-amz-cf-id
N7XZhUVARvoI1ARYv9CkHbaMoP-Ii090dvHdlAvBnus11mRDIk4G0Q==
date
Fri, 27 Sep 2024 00:54:49 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
15245573.js
static.legitscript.com/seals/
359 B
435 B
Script
General
Full URL
https://static.legitscript.com/seals/15245573.js
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1022 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a2fa96fcfb6bd629e06342020f79021ee5bd953d7582cccc193db3587f5c4f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66f72b90-167"
age
5365
cf-ray
8c9f8a16dd965d92-FRA
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 22:02:56 GMT
server
cloudflare
vary
Accept-Encoding
bricks.min.js
mdmedica.com/wp-content/themes/bricks/assets/js/
103 KB
27 KB
Script
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/js/bricks.min.js?ver=1716998804
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ec085b1841b86b2160725d68a123a8f576fc0ac7108ca43f98214f716caf2335

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
etag
W/"bb5c3059202a59c02f7dbbff1502ed35"
age
60794
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
K4W_lw6Kj_isYchzzNIRgQHnAsh6orHpl0R54VooxdkSUotsODBxgA==
date
Fri, 27 Sep 2024 22:46:05 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
splide.min.js
mdmedica.com/wp-content/themes/bricks/assets/js/libs/
30 KB
13 KB
Script
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/js/libs/splide.min.js?ver=4.1.4
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b5733ac9c2884ea28cf994ab35861f49eb1ef6445b7739abc72f66579c364c18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
etag
W/"723df4ee7a69458d441194bb4adfe1ac"
age
5365
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
LcP7WJrMulR-2IJHY6846IleIgvPp6E3AUVPsPn6thf9mVILxP5bFg==
date
Fri, 27 Sep 2024 22:46:06 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
proslider.min.js
mdmedica.com/wp-content/plugins/bricksextras/components/assets/js/
19 KB
5 KB
Script
General
Full URL
https://mdmedica.com/wp-content/plugins/bricksextras/components/assets/js/proslider.min.js?ver=1.1.8
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33c63df183af672f676a6a298dc87127be324c1fa7d5f8242dd32cff6e1e9841

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
etag
W/"20d3375ccfec797796fa46bc2ad7a679"
age
60794
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
G8GbuRNBeXgTYPP5PP_RLnVTxWcLPmHlUuRVGp9YQEmbTzzpZ4GMXw==
date
Fri, 27 Sep 2024 22:46:05 GMT
content-type
application/javascript
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
f999f779-7a72-4178-a45c-ed338064bfd1
https://mdmedica.com/ Frame
0
0

rfdj7acw
widget.intercom.io/widget/
7 KB
3 KB
Script
General
Full URL
https://widget.intercom.io/widget/rfdj7acw
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0902092ae22853c20296d62a8775e2ac931fddf0f46eef2d028363361e43c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
x-amz-version-id
GlovieB8CLeSHnv2PG5YNIAeuWcQSaoQ
etag
"85a502c37588533d30a50661c4222566"
age
119
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
GMawBwB_G942OLnpsw76Zr6oRTr2GcbH-NlZcXJuG1QdD7YOFgGbVg==
date
Sat, 28 Sep 2024 00:13:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
last-modified
Fri, 27 Sep 2024 13:37:13 GMT
cache-control
max-age=300, s-maxage=300, public
cross-origin-resource-policy
cross-origin
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2667
x-amz-cf-pop
FRA2-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
226 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4447, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
msMCrh38vkaTNMXeHwBkylyGQbeJhz4/wE/g2h0YI1FE1tOy32bHFLLnMTU7ulBAW1RMfNNdYTi16p9KvPvnYA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59131
x-xss-protection
0
origin-agent-cluster
?0
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab85ce7a3d6fb4bd71482f2220a278b7ff4bf98b0c0cc657d8386feadd87fff3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae6b623c6f61c6a017c98094831f133d8610e827843fb5f1633a8e85b4827f82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc16bac82b0b7e8fc3f54cae1e6a7374a778b968adeff19da39b4fc634f2f02c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28167737bc801395be6521dc182c4676abab0c3c2265d729229e220115a535ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c13eb2de974d937340a6e368b28220efe11ed7299dc07dc6ac588abbe0e358da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3bdd851aa9586fd74c7b54b4e63dd01c6bf6ccd2d223010a978bde93b502f55f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b41e747afe630745aad806c96550626994b4d9b237bfbb367df5d92b2a178db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
15245573.png
static.legitscript.com/seals/
15 KB
15 KB
Image
General
Full URL
https://static.legitscript.com/seals/15245573.png
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1022 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05841f3cd543bd3c276c1785f1b8306bf84719df5a6d6e10661950cd203dfea0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cf-cache-status
HIT
etag
"66f72b90-3a08"
age
5364
cf-ray
8c9f8a18be705d92-FRA
accept-ranges
bytes
content-length
14856
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
image/png
last-modified
Fri, 27 Sep 2024 22:02:56 GMT
vary
Accept-Encoding
server
cloudflare
lHJGqgqw34
api.whitelabelmd.com/answers/myip/
109 B
291 B
Fetch
General
Full URL
https://api.whitelabelmd.com/answers/myip/lHJGqgqw34
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.141.20 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-141-20.us-east-2.compute.amazonaws.com
Software
Apache / PHP/7.4.33
Resource Hash
5a5887ed25b4a22103e0ca3aa9a48701cdfba3bb5b55ad4bf87d03a5afd96096

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
109
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
application/json
x-powered-by
PHP/7.4.33
server
Apache
access-control-allow-headers
*
9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
fonts.gstatic.com/s/atkinsonhyperlegible/v11/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/atkinsonhyperlegible/v11/9Bt73C1KxNDXMspQ1lPyU89-1h6ONRlW45G8Wbc9dCWP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8e8b1e0e929651439e25e23ade4b9d6cac073f2444aadb8e8b85431726c2036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://fonts.googleapis.com/

Response headers

age
119665
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 15:01:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 15:01:05 GMT
last-modified
Tue, 02 May 2023 14:56:45 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17616
x-xss-protection
0
server
sffe
9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2
fonts.gstatic.com/s/atkinsonhyperlegible/v11/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/atkinsonhyperlegible/v11/9Bt23C1KxNDXMspQ1lPyU89-1h6ONRlW45G04pIo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Atkinson+Hyperlegible:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b09653e3ba9d95e26da5c408979f40451990a4573ce5f96abe6982e2fcb09e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://fonts.googleapis.com/

Response headers

age
120303
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 14:50:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 14:50:27 GMT
last-modified
Tue, 02 May 2023 14:56:41 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17184
x-xss-protection
0
server
sffe
themify.woff
mdmedica.com/wp-content/themes/bricks/assets/fonts/themify/
55 KB
55 KB
Font
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/fonts/themify/themify.woff
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1716998804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/themify-icons.min.css?ver=1716998804

Response headers

etag
"a1ecc3b826d01251edddf29c3e4e1e97"
age
39275
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
56108
x-amz-cf-id
OV8mpSEFw7n4pbsRJCm4YaWXgkqvoN-frPxENSsdVsKrvhIDhKe1Dg==
date
Fri, 27 Sep 2024 13:20:56 GMT
content-type
application/font-woff
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
fa-solid-900.woff2
mdmedica.com/wp-content/themes/bricks/assets/fonts/fontawesome/
153 KB
153 KB
Font
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/fonts/fontawesome/fa-solid-900.woff2
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1716998804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6.min.css?ver=1716998804

Response headers

etag
"6c4eee562650e53cee32496bdfbe534b"
age
60793
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
156496
x-amz-cf-id
dPW3aHUg0ywK6G1Svuf6_80maudoDhDO_y67dldlTxYgm0CoP0KAIA==
date
Fri, 27 Sep 2024 07:22:17 GMT
content-type
binary/octet-stream
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
ionicons.woff2
mdmedica.com/wp-content/themes/bricks/assets/fonts/ionicons/
49 KB
50 KB
Font
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/fonts/ionicons/ionicons.woff2
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1716998804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/ionicons.min.css?ver=1716998804

Response headers

etag
"43d5c718339efeb1177aff722d72669d"
age
39275
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
50632
x-amz-cf-id
zqx4EjbMJjlCbwXTcJbQG4RgaKQhfJnKqMs6LRX7lAa4J_YbOBexOQ==
date
Fri, 27 Sep 2024 13:20:56 GMT
content-type
binary/octet-stream
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
fa-brands-400.woff2
mdmedica.com/wp-content/themes/bricks/assets/fonts/fontawesome/
115 KB
115 KB
Font
General
Full URL
https://mdmedica.com/wp-content/themes/bricks/assets/fonts/fontawesome/fa-brands-400.woff2
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1716998804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://mdmedica.com
Referer
https://mdmedica.com/wp-content/themes/bricks/assets/css/libs/font-awesome-6-brands.min.css?ver=1716998804

Response headers

etag
"b6356c957274676e6571c1ff5e11c9a8"
age
84040
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
117372
x-amz-cf-id
NWaHEkdCJOEcbIigBoCpGhetU0y0UAj5NoRcO6eSKakQODM8izsk6A==
date
Fri, 27 Sep 2024 00:54:51 GMT
content-type
binary/octet-stream
last-modified
Tue, 03 Sep 2024 22:38:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
wp-emoji-release.min.js
mdmedica.com/wp-includes/js/
0
0
Script
General
Full URL
https://mdmedica.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Error from cloudfront
content-length
570
x-amz-cf-id
WInbxxSvuQt4p6JU4wkaQHDNbgZ89x8uZabFLekfGj2s2THoO5brFQ==
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
text/html; charset=utf-8
x-amz-cf-pop
FRA2-C2
server
AmazonS3
js
www.googletagmanager.com/gtag/
336 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VSJ5HH89PM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-KDT9F64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8100d401e4a206a78e3ee576923e9358531f3351789553e11d36dbc9a35a7a01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 00:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
111555
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-KDT9F64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
age
2722
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 28 Sep 2024 01:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Sep 2024 23:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
226 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-NSLRV9N&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-KDT9F64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8afc2dbde1cc189e906cf4c5926e7532f0d143f7272c3db04d7b5d28cb17db8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 28 Sep 2024 00:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 28 Sep 2024 00:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81366
x-xss-protection
0
server
Google Tag Manager
weight-loss-cardR.jpg
mdmedica.com/wp-content/uploads/
19 KB
19 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/weight-loss-cardR.jpg
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30e6ccde6cedbf0597609c51caa42dfded4a01eb1f87596580f0b349a94a75a0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"b1097f3d44b2cdc7f8f077d818a63d01"
age
84040
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
19380
x-amz-cf-id
lK8slEq2a-XKSIkIvUjt1bSeggmOs5wirNToconCpGvy8spombRJxQ==
date
Fri, 27 Sep 2024 00:54:51 GMT
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 22:38:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
MD-bottle-shadow-2-E1-1-e1701805710692.jpg
mdmedica.com/wp-content/uploads/
9 KB
9 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/MD-bottle-shadow-2-E1-1-e1701805710692.jpg
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e23893565120442842ee82634758f6f013ae7732c3b7970bb43e1eb9326a9404

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"e98349d3b5fbef7bdff9ac0659a18337"
age
84040
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
8717
x-amz-cf-id
VY1udfGPnSOttkkxM0lYl1JwU-jc_c06YRhsdkKgxVskHIVUZ83hVA==
date
Fri, 27 Sep 2024 00:54:51 GMT
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 22:38:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
hipaa-badge-2-1.png
mdmedica.com/wp-content/uploads/2024/03/
3 KB
4 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/2024/03/hipaa-badge-2-1.png
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f40b73df902b537d42d945c78b196053ea174138bf5900f33c9fc0c6ac02c14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"a7e8b8a0ff78b586771934f19b131f41"
age
56701
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
3581
x-amz-cf-id
Ghwae7zJG0oLC_aUnlLKGLyUZADRa45lYFDLqnDe7PvNE-9sn3eS8Q==
date
Fri, 27 Sep 2024 08:30:30 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
Group-19-2-1-1.png
mdmedica.com/wp-content/uploads/2024/03/
151 KB
151 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/2024/03/Group-19-2-1-1.png
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e2706ec8916a4b2644194509e34f65d408286d0214a18c1ceea8feb35f1b6c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"70a9c37d8f02660bcbe55682384609dc"
age
84040
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
154481
x-amz-cf-id
cyEt4nTBTkJaOaa41oSxJAxT2lOyqOvMsUw2BMruM7PGRmlqC3tGYA==
date
Fri, 27 Sep 2024 00:54:51 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 22:38:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
pills-pack-1R.jpg
mdmedica.com/wp-content/uploads/
20 KB
20 KB
Image
General
Full URL
https://mdmedica.com/wp-content/uploads/pills-pack-1R.jpg
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73c581b21d61e62b932747123b9ef4a9c35f128e29ad63a81976e9ab540a0ae9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"724b2d1ef19f21531dc8fc3d0fbdf3e6"
age
84040
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
20001
x-amz-cf-id
kbT8TTkcm-S8WW-i7BY-eOjakKM6p1hiDq0EFld02_yDVazjxoGqPQ==
date
Fri, 27 Sep 2024 00:54:51 GMT
content-type
image/jpeg
last-modified
Tue, 03 Sep 2024 22:38:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
6292552287499935
connect.facebook.net/signals/config/
87 KB
18 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/6292552287499935?v=2.9.169&r=stable&domain=mdmedica.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63624f7353521d5df9698b64a6c04ad892b034ff71905f31319dc894ba833232
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sat, 28 Sep 2024 00:15:30 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=14, c=64, mss=1232, tbw=84559, tp=76, tpl=14, uplat=154, ullat=0
pragma
public
x-fb-debug
Qxb8carRAW3G3OuHS6SbWqdV6ZP8q+ckcMpUlXv73j+qHaKO4RB8lBcGJQK8h+zqiCPmUVvaEhYPUImH1xrrLA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
www.google-analytics.com/j/
3 B
418 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1186462354&t=pageview&_s=1&dl=https%3A%2F%2Fmdmedica.com%2F&ul=de-de&de=UTF-8&dt=MDMEDICA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=577852245&gjid=1569350258&cid=1107049085.1727482531&tid=UA-248741913-2&_gid=1321960950.1727482531&_r=1&_slc=1&gtm=45Xe49p0n81KDT9F64v9104770512za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=1062506757
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://mdmedica.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:30 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://mdmedica.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VSJ5HH89PM&gtm=45je49p0v9102389438z89104770512za200zb9104770512&_p=1727482530646&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1107049085.1727482531&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727482530&sct=1&seg=0&dl=https%3A%2F%2Fmdmedica.com%2F&dt=MDMEDICA&en=page_view&_fv=1&_ss=1&tfd=1689
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSJ5HH89PM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mdmedica.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
542 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VSJ5HH89PM&cid=1107049085.1727482531&gtm=45je49p0v9102389438z89104770512za200zb9104770512&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSJ5HH89PM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mdmedica.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-44ZB79NJV1&gtm=45je49p0v9102389438z89104770512za200zb9104770512&_p=1727482530646&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1107049085.1727482531&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727482530&sct=1&seg=0&dl=https%3A%2F%2Fmdmedica.com%2F&dt=MDMEDICA&en=page_view&_fv=1&_ss=1&tfd=1695
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSJ5HH89PM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mdmedica.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
57 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-44ZB79NJV1&cid=1107049085.1727482531&gtm=45je49p0v9102389438z89104770512za200zb9104770512&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VSJ5HH89PM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mdmedica.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VSJ5HH89PM&cid=1107049085.1727482531&gtm=45je49p0v9102389438z89104770512za200zb9104770512&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=515923595
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 28 Sep 2024 00:15:30 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-44ZB79NJV1&cid=1107049085.1727482531&gtm=45je49p0v9102389438z89104770512za200zb9104770512&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1182908722
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 28 Sep 2024 00:15:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=6292552287499935&ev=PageView&dl=https%3A%2F%2Fmdmedica.com&rl=&if=false&ts=1727482531124&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12316&fbp=fb.1.1727482531121.632820042453606048&cs_est=true&pm=1&hrl=398ab3&ler=empty&cdl=API_unavailable&it=1727482530816&coo=false&cs_cc=1&cas=7512889092100360%2C7503883102984302%2C7233209606743425%2C6005303039569303&exp=f0&rqm=GET
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1328, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6292552287499935&ev=PageView&dl=https%3A%2F%2Fmdmedica.com&rl=&if=false&ts=1727482531124&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12316&fbp=fb.1.1727482531121.632820042453606048&cs_est=true&pm=1&hrl=398ab3&ler=empty&cdl=API_unavailable&it=1727482530816&coo=false&cs_cc=1&cas=7512889092100360%2C7503883102984302%2C7233209606743425%2C6005303039569303&exp=f0&rqm=FGET
Requested by
Host: mdmedica.com
URL: https://mdmedica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7419480976649715770"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb0b4136976094dfa","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:9752804624791513","7830:9752804624791513","10853:9752804624791513","41:9752804624791513","8046:9752804624791513"]},"debug_reporting":true,"debug_key":"1252672534099162687"}
date
Sat, 28 Sep 2024 00:15:31 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
n60oKQa4KHseMoLrKEqtmOVzg7dynCOColMoQZi11bJZ/VhD24VGa7YMDOG6lW0uMKl7oPoZgrsTzxR2XTR1/w==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7419480976649715770", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1328, tbw=3094, tp=-1, tpl=-1, uplat=144, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
frame-modern.9f6a59b4.js
js.intercomcdn.com/ Frame CD10
466 KB
141 KB
Script
General
Full URL
https://js.intercomcdn.com/frame-modern.9f6a59b4.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/rfdj7acw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa4c49e45fbbde57fb0e3714e674bc83a7fb53f64724770c6bfe1c83229cbe9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
5.HCGZrYnTAsMIGI7rFH9dyHBykTBEd0
etag
"baa680a4cc8320f3f10d10978958d16a"
age
2295
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
_fbBlFmUs9ub8jM11HzQCL5RU-bd19Tz1yjBMR_rr0eBLE790sHBsg==
date
Fri, 27 Sep 2024 23:37:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 13:34:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
143313
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
vendor-modern.8b97a971.js
js.intercomcdn.com/ Frame CD10
455 KB
145 KB
Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.8b97a971.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/rfdj7acw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
5Oq6KQX1.2FQPFa8gSA2BBZXd9o8QSJv
etag
"2406ae0ce4db8aa51ed52dde4792a464"
age
594
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
sNBe1A1KVGMlJU3nfWo1As_aDaE907AGm46qFaEBaRniscDcW2X3Xg==
date
Sat, 28 Sep 2024 00:05:38 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 12:14:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
147289
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
favicon-md-medical-1-1.png
mdmedica.com/wp-content/uploads/
956 B
1 KB
Other
General
Full URL
https://mdmedica.com/wp-content/uploads/favicon-md-medical-1-1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:b:78e7:6080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d835119ad830192ed5ca1a4e260e9dc4ace699f9c343e691b5d11141c111071

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://mdmedica.com/

Response headers

etag
"7b66d4647cffc7b4e4c584a8cbcc6d8a"
age
38801
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
956
x-amz-cf-id
ioW4vpWh-TP54k-oqRxojOzP4TwOc-CKg0_RIhtaHqsYHM8ygGV_Vg==
date
Fri, 27 Sep 2024 13:28:51 GMT
content-type
image/png
last-modified
Tue, 03 Sep 2024 22:38:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
ping
api-iam.intercom.io/messenger/web/ Frame CD10
0
0

vendors~sentry-modern.50f487c6.js
js.intercomcdn.com/ Frame CD10
357 KB
107 KB
Script
General
Full URL
https://js.intercomcdn.com/vendors~sentry-modern.50f487c6.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.9f6a59b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6eed606c0624b70b57344592e32eb9234acc47ea9de79d2b107f3a8dfc2ebcb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
2x2K30N50B5AG0vQmAuiBf9XGqeU_y21
etag
"9381966e51058a1b4f5b4e6c24dd189a"
age
2216
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KglGIIRKH0ROCMN6e_as7aO80Bkd7KGnsaI2Y94e_e0PR4kiwAIZzA==
date
Fri, 27 Sep 2024 23:38:37 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 23 Sep 2024 12:14:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
108352
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
sentry-modern.2b0a3a92.js
js.intercomcdn.com/ Frame CD10
3 KB
2 KB
Script
General
Full URL
https://js.intercomcdn.com/sentry-modern.2b0a3a92.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.9f6a59b4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-55.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee5cfda8afe535232ddf61da205b96a1977fe9696805f1ed7d1bd6a9331674e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
x-amz-version-id
q31SO8pHsvv596mrUt8cNQiBhsjoRl.u
etag
"7dad4e224f1893f60af9262f26a0e6d6"
age
2294
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
hvjpyr_3fYcZqBSSknJCh7WsB69nxZLGZz9SdU0mBu7o1_qX-GnCmw==
date
Fri, 27 Sep 2024 23:37:20 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 27 Sep 2024 13:34:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=31536000, s-maxage=7200, public
cross-origin-resource-policy
cross-origin
via
1.1 5335ce80c0b9264bc591cce2c73bef5e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
1493
x-amz-cf-pop
FRA56-P9
server
AmazonS3
x-amz-server-side-encryption
AES256

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mdmedica.com
URL
blob:https://mdmedica.com/f999f779-7a72-4178-a45c-ed338064bfd1
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings object| w object| d object| intercomSettings function| Intercom function| checkDebug function| elog function| gtag object| dataLayer function| fbq function| _fbq function| tracking_start function| setTrackId function| useTrackId function| setWID function| getWID function| showIntakeFormModal function| showIntakeFormInline function| closeFormModal function| closeFormInline function| isLaunchOp function| makeRandString function| getEverflowTrackingCookie function| getTrackingCookie function| forceTrackingCookie function| clickTrackingOperations function| tracking_finished function| updateJotform_when_ready function| isJotformLoaded function| pollJotform function| uniqueIdFieldOfIframe function| callerFieldOfIframe function| forcedUniqueIdFieldOfIframe function| trackingFieldOfIframe function| trackingArgsFieldOfIframe function| fieldOfIFrame function| updateJotform function| setupIntakeTracking function| urlNoHash function| returnElementByName function| returnElementEndingIn function| logIntakeCompletion function| postData function| formatValueWID function| betterName function| setJotformField function| makeListenerField function| addToRecordQueue function| postQueuedData function| returnStateCode function| isHidden function| pad function| questionText function| questionTextCardStyle function| questionTextFormStyle function| resetQuestionTimer function| questionTimer function| trackButtonClick function| activateFormEvents function| doPageFormOnload function| advanceForm function| nextStep function| removeAnyHash function| autoProductStep function| calculateCheckoutUrl function| calculateReceiptUrl function| proceedToCheckout function| proceedToReceipt function| addArgsToCheckout function| compiledUserdata function| userSelectedProduct function| operationToRun function| handleFormHashControl function| setVariable function| getVariable function| handleLaunches function| getPageJotformIframe function| actionIsFirstTime function| callGA function| wlmdSetCookieTldMonths function| getCookie function| wlmdSetCookie function| setCookie function| myLaunch function| domLoadedModal function| domLoadedIntake object| recordQueue object| trackingInfo object| wlmdvar function| handleIFrameMessage function| isPermitted object| page_presets function| checkoutTrackingString string| url object| urlParams string| tuid function| pageStarter function| setIp string| mystage boolean| be_quiet object| directives boolean| jotformIsReady function| addListenersWhenFuncExist function| setupModalButtons function| showIntakeForm function| gtmEvent function| myCloseActions function| awaitCTO object| bricksData function| _typeof function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| _defineProperty function| _defineProperties function| _createClass function| _toPropertyKey function| _toPrimitive function| _classCallCheck function| BricksIntersect function| BricksIsInViewport function| bricksQuerySelectorAll object| bricksUtils function| BricksFunction object| bricksLazyLoadFn function| bricksLazyLoad object| bricksAnimationFn function| bricksAnimation object| bricksInitQueryLoopInstancesFn function| bricksInitQueryLoopInstances function| bricksAjaxLoader function| bricksQueryLoadPage object| bricksQueryPaginationFn function| bricksQueryPagination function| bricksStickyHeader function| bricksOnePageNavigation function| bricksSearchToggle object| bricksAlertDismissFn function| bricksAlertDismiss object| bricksTabsFn function| bricksTabs object| bricksVideoOverlayClickDetectorFn function| bricksVideoOverlayClickDetector object| bricksBackgroundVideoInitFn function| bricksBackgroundVideoInit object| bricksPhotoswipeFn function| bricksPhotoswipe function| bricksGetLightboxVideoNode object| bricksAccordionFn function| bricksAccordion object| bricksAnimatedTypingFn function| bricksAnimatedTyping object| bricksAudioFn function| bricksAudio object| bricksPostReadingTimeFn function| bricksPostReadingTime object| bricksCountdownFn function| bricksCountdown object| bricksCounterFn function| bricksCounter object| bricksTableOfContentsFn function| bricksTableOfContents object| bricksFormFn function| bricksForm function| bricksSubmitForm function| bricksRegenerateNonceAndResubmit object| bricksIsotopeFn function| bricksIsotope function| bricksIsotopeListeners object| bricksMapFn function| bricksMap object| bricksPieChartFn function| bricksPieChart object| bricksPricingTablesFn function| bricksPricingTables object| bricksPostReadingProgressBarFn function| bricksPostReadingProgressBar object| bricksProgressBarFn function| bricksProgressBar object| bricksSplideFn function| bricksSplide object| bricksSwiperFn function| bricksSwiper object| bricksVideoFn function| bricksVideo function| bricksFacebookSDK object| bricksPrettifyFn function| bricksPrettify function| bricksSkipLinks object| bricksInteractionsFn function| bricksInteractions function| bricksPopups function| bricksScrollInteractions function| bricksInteractionCallback function| bricksInteractionCallbackExecution function| bricksOpenPopup function| bricksFetchPopupContent function| bricksClosePopup function| bricksPopupCheckLimit function| bricksPopupCheckBreakpoint function| bricksPopupCounter function| bricksInteractionCheckConditions function| bricksStorageGetItem function| bricksStorageSetItem function| bricksStorageRemoveItem function| bricksNavNested function| bricksNavNestedClose function| bricksOffcanvas function| bricksOffcanvasClose function| bricksToggleDisplay object| bricksToggleFn function| bricksToggle function| bricksSubmenuToggle function| bricksSubmenuListeners function| bricksSubmenuPosition function| bricksMultilevelMenu function| bricksNavMenuMobile function| bricksGetFocusables boolean| bricksIsFrontend object| bricksPauseMediaFn function| bricksGetQueryResult function| bricksDisplayQueryResult function| bricksSetVh object| bricksTimeouts function| Splide object| xSlider function| xProSlider object| google_tag_manager object| google_tag_data function| doExtrasSlider string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| __intercomAssignLocation function| __intercomReloadLocation

10 Cookies

Domain/Path Name / Value
.fohrims.com/ Name: _ga
Value: GA1.1.458171120.1727482529
.fohrims.com/ Name: _ga_GBWN1FVJNJ
Value: GS1.1.1727482528.1.1.1727482530.0.0.0
mdmedica.com/ Name: wlmd_tracking_unid
Value: vBIg7KwK8Z
.mdmedica.com/ Name: _gcl_au
Value: 1.1.416523733.1727482531
.mdmedica.com/ Name: _gid
Value: GA1.2.1321960950.1727482531
.mdmedica.com/ Name: _gat_UA-248741913-2
Value: 1
.mdmedica.com/ Name: _ga_VSJ5HH89PM
Value: GS1.1.1727482530.1.0.1727482530.60.0.0
.mdmedica.com/ Name: _ga
Value: GA1.1.1107049085.1727482531
.mdmedica.com/ Name: _ga_44ZB79NJV1
Value: GS1.1.1727482530.1.0.1727482530.60.0.0
.mdmedica.com/ Name: _fbp
Value: fb.1.1727482531121.632820042453606048

2 Console Messages

Source Level URL
Text
network error URL: https://fohrims.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mdmedica.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.whitelabelmd.com
connect.facebook.net
fohrims.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
mdmedica.com
region1.analytics.google.com
region1.google-analytics.com
static.legitscript.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.mdmedica.com
xml.looksmartppc.com
api-iam.intercom.io
mdmedica.com
13.224.189.35
173.239.53.20
18.219.132.105
18.245.46.55
2001:4860:4802:32::36
2600:9000:21f3:7c00:b:78e7:6080:93a1
2606:4700::6812:1022
2a00:1450:4001:803::2003
2a00:1450:4001:806::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.132.141.20
76.76.21.21
05841f3cd543bd3c276c1785f1b8306bf84719df5a6d6e10661950cd203dfea0
089d7e34b37f0671ef4b1d8576da6e6fafcc9ca50b14b6af23d9c7f0022f2dbd
0b41e747afe630745aad806c96550626994b4d9b237bfbb367df5d92b2a178db
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0fae245d1a504fe6d973d512d63ea4fc620a840e4c1d849e421654450b507359
199ea0f8225456cdb13c1478970b43fc6ab31e7c99005e4dc4ebc922dc8c2f17
1a2fa96fcfb6bd629e06342020f79021ee5bd953d7582cccc193db3587f5c4f3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d835119ad830192ed5ca1a4e260e9dc4ace699f9c343e691b5d11141c111071
1e2706ec8916a4b2644194509e34f65d408286d0214a18c1ceea8feb35f1b6c1
1fb59a493c6ef06997fc23a1555b41c4e2563553f65826565e248986635fc26b
28167737bc801395be6521dc182c4676abab0c3c2265d729229e220115a535ee
30e6ccde6cedbf0597609c51caa42dfded4a01eb1f87596580f0b349a94a75a0
33c63df183af672f676a6a298dc87127be324c1fa7d5f8242dd32cff6e1e9841
35ab26e87512eed820fb736b3458ecf49f7ed81d65f6f758e8666ae30ee481a3
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3bdd851aa9586fd74c7b54b4e63dd01c6bf6ccd2d223010a978bde93b502f55f
5a5887ed25b4a22103e0ca3aa9a48701cdfba3bb5b55ad4bf87d03a5afd96096
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
5f40b73df902b537d42d945c78b196053ea174138bf5900f33c9fc0c6ac02c14
63624f7353521d5df9698b64a6c04ad892b034ff71905f31319dc894ba833232
649218d06ada6cbd24cd0a01d080a34b497c2c65f16792e3e4afee7bf950e558
6eed606c0624b70b57344592e32eb9234acc47ea9de79d2b107f3a8dfc2ebcb4
71ed963804cbd4b773b16a2e290fb534288140999cca4833a8ff300a9d72a9b1
73c581b21d61e62b932747123b9ef4a9c35f128e29ad63a81976e9ab540a0ae9
8100d401e4a206a78e3ee576923e9358531f3351789553e11d36dbc9a35a7a01
839d821426383cc0f978a6a20074e6f5524d23ad66f19bdb883f6874bca1cfce
8afc2dbde1cc189e906cf4c5926e7532f0d143f7272c3db04d7b5d28cb17db8a
9543dfee27c5e261bea887446d68718f9d8e6e1b9dcefe66786244fa889989bc
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a13b995bbee34ec12654a3414cc608ad286568f6677cffb59b7cc3894d42b0e6
a422aac4e9c75a288f1d2f335d9d73bdf26d44719d69dede4f998a4185c5133f
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab85ce7a3d6fb4bd71482f2220a278b7ff4bf98b0c0cc657d8386feadd87fff3
ace508de9bd970554cf4c0b0182df0fe475d62cf2589bdc6aab3740046f48f10
ae6b623c6f61c6a017c98094831f133d8610e827843fb5f1633a8e85b4827f82
b09653e3ba9d95e26da5c408979f40451990a4573ce5f96abe6982e2fcb09e6c
b5733ac9c2884ea28cf994ab35861f49eb1ef6445b7739abc72f66579c364c18
b592cc773c7a7def7358cb67a777a3fe65bef9af091e8d61d8b51cfe99522f0b
bc16bac82b0b7e8fc3f54cae1e6a7374a778b968adeff19da39b4fc634f2f02c
c13eb2de974d937340a6e368b28220efe11ed7299dc07dc6ac588abbe0e358da
c194e583fbe59beaca5100af6996159dbd0f20ba21a70eee1c61292d06d0b840
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec
cb5e194ef7358852d826919eb8855e2ce008fca1f548b17193b24ad158e98da9
cf6523ae83ffbae5cd623c07593a13c4b12f0b163f1c3c043439e023cedebf00
d8e8b1e0e929651439e25e23ade4b9d6cac073f2444aadb8e8b85431726c2036
da0902092ae22853c20296d62a8775e2ac931fddf0f46eef2d028363361e43c1
dca46186d298d744678f08fb04ce50ae96478c0c1b09d6a11e3e7fba39f31f63
dcdd3fa20d528497ea4a1ad00eb280c4eba2f279919bec83273e8448bd765b79
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e23893565120442842ee82634758f6f013ae7732c3b7970bb43e1eb9326a9404
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53625d097a14ef03681794fed1a70fd1b5786ff3a89af1193e5bdb3ebf7ac18
e70d963e7f59350b16dcba9796ad8aec2001738b6756509c4ea77e2bfb0921f0
ec085b1841b86b2160725d68a123a8f576fc0ac7108ca43f98214f716caf2335
eda9c683e93397090afcdc57ad8f445437f2a6facfb4f7c7e2b3b1af49a92757
ee5cfda8afe535232ddf61da205b96a1977fe9696805f1ed7d1bd6a9331674e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef642ea61846bd0bd56efdcab9a0dd97758512b629a0f079a5bb0bbf6f6899ed
f6c64aca195132b32d28bc973e985612230c910a30d7acd2334760ef50816eec
fa4c49e45fbbde57fb0e3714e674bc83a7fb53f64724770c6bfe1c83229cbe9c