mdlnext.mdlive.com Open in urlscan Pro
137.116.88.213 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.mdlive.com/
Effective URL:
https://mdlnext.mdlive.com/home
Submission: On November 06 via api (November 6th 2020, 6:44:06 pm UTC) from US

Summary HTTP 117 Redirects Links 48 Behaviour Indicators

Summary

This website contacted 50 IPs in 6 countries across 43 domains to perform 117 HTTP transactions. The main IP is 137.116.88.213, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mdlnext.mdlive.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 13th 2020. Valid for: a year.

This is the only time mdlnext.mdlive.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.209.240.184 104.209.240.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
22	137.116.88.213 137.116.88.213	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
21	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	13.226.132.93 13.226.132.93	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:eb:... 2a02:26f0:eb:389::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:21f... 2600:9000:21f3:1a00:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.84.142.222 54.84.142.222	14618 (AMAZON-AES) (AMAZON-AES)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.111.241.218 104.111.241.218	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	13.226.132.59 13.226.132.59	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
2	13.226.132.6 13.226.132.6	16509 (AMAZON-02) (AMAZON-02)
1	13.226.132.55 13.226.132.55	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	34.251.150.2 34.251.150.2	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
2	52.205.51.47 52.205.51.47	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
16 22	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.28.175.104 52.28.175.104	16509 (AMAZON-02) (AMAZON-02)
1	13.226.132.62 13.226.132.62	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
5 5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	136.144.49.28 136.144.49.28	54825 (PACKET) (PACKET)
1	3.228.45.187 3.228.45.187	14618 (AMAZON-AES) (AMAZON-AES)
1	184.30.210.81 184.30.210.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.245.253.34 34.245.253.34	16509 (AMAZON-02) (AMAZON-02)
1 2	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
117	50

2 104.209.240.184 (Boydton, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.mdlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 137.116.88.213 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mdlnext.mdlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

mdlnext-prodcdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.132.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-93.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

8496525.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:389::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.53.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:1a00:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

101852.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.142.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-142-222.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.241.218 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-241-218.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-59.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.132.6 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-6.dus51.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.55 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-55.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:11:101::b93f:9005 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.150.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-150-2.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.205.51.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-51-47.compute-1.amazonaws.com

js.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

116-ahj-010.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.183 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.175.104 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.62 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-62.dus51.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.49.28 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.45.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-45-187.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.210.81 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.253.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.48 (United States) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, NL)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	15 KB
24	mdlive.com 2 redirects www.mdlive.com mdlnext.mdlive.com	1023 KB
21	azureedge.net mdlnext-prodcdn.azureedge.net	344 KB
9	doubleclick.net 5 redirects 8496525.fls.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	4 KB
5	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	77 KB
4	facebook.com www.facebook.com	538 B
4	google-analytics.com www.google-analytics.com	53 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	google.de www.google.de	328 B
3	google.com 1 redirects www.google.com	517 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	adnxs.com 1 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	facebook.net connect.facebook.net	160 KB
3	callrail.com cdn.callrail.com js.callrail.com	19 KB
2	openx.net 1 redirects us-u.openx.net	480 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	978 B
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 1 redirects pixel.tapad.com	906 B
2	trustpilot.com widget.trustpilot.com	7 KB
2	everesttech.net 2 redirects rtd-tm.everesttech.net	712 B
2	marketo.net munchkin.marketo.net	6 KB
2	bing.com bat.bing.com	8 KB
2	licdn.com snap.licdn.com	3 KB
2	googleadservices.com 1 redirects www.googleadservices.com	12 KB
1	twitter.com analytics.twitter.com	653 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	329 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	agkn.com 1 redirects aa.agkn.com	320 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	mktoresp.com 116-ahj-010.mktoresp.com	311 B
1	t.co t.co	448 B
1	reddit.com alb.reddit.com	125 B
1	tctm.co 101852.tctm.co	18 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	gstatic.com fonts.gstatic.com	23 KB
1	googletagmanager.com www.googletagmanager.com	64 KB
117	43

	Domain	Requested by
22	um.simpli.fi	16 redirects mdlnext.mdlive.com
22	mdlnext.mdlive.com	mdlnext.mdlive.com
21	mdlnext-prodcdn.azureedge.net	mdlnext.mdlive.com mdlnext-prodcdn.azureedge.net
4	www.facebook.com	mdlnext.mdlive.com
4	cm.g.doubleclick.net	3 redirects mdlnext.mdlive.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com mdlnext-prodcdn.azureedge.net
4	fonts.googleapis.com	mdlnext.mdlive.com
3	www.google.de	mdlnext.mdlive.com
3	www.google.com	1 redirects mdlnext.mdlive.com
3	connect.facebook.net	mdlnext.mdlive.com connect.facebook.net
2	us-u.openx.net	1 redirects mdlnext.mdlive.com
2	sync.search.spotxchange.com	1 redirects mdlnext.mdlive.com
2	ce.lijit.com	1 redirects mdlnext.mdlive.com
2	bcp.crwdcntrl.net	1 redirects mdlnext.mdlive.com
2	loadm.exelator.com	1 redirects mdlnext.mdlive.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects mdlnext.mdlive.com
2	js.callrail.com	cdn.callrail.com mdlnext-prodcdn.azureedge.net
2	px.ads.linkedin.com	1 redirects mdlnext.mdlive.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	widget.trustpilot.com	mdlnext-prodcdn.azureedge.net widget.trustpilot.com
2	rtd-tm.everesttech.net	2 redirects
2	munchkin.marketo.net	mdlnext.mdlive.com munchkin.marketo.net
2	secure.adnxs.com	1 redirects mdlnext.mdlive.com
2	bat.bing.com	mdlnext.mdlive.com
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	8496525.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	static.hotjar.com	mdlnext.mdlive.com www.googletagmanager.com
2	www.mdlive.com	2 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	pixel.rubiconproject.com	mdlnext.mdlive.com
1	ib.adnxs.com	mdlnext.mdlive.com
1	idsync.rlcdn.com	mdlnext.mdlive.com
1	stags.bluekai.com	mdlnext.mdlive.com
1	sync.bfmio.com	mdlnext.mdlive.com
1	pbid.pro-market.net	mdlnext.mdlive.com
1	sync.intentiq.com	mdlnext.mdlive.com
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	mdlnext.mdlive.com
1	116-ahj-010.mktoresp.com	mdlnext-prodcdn.azureedge.net
1	i.simpli.fi	tag.simpli.fi
1	in.hotjar.com	mdlnext-prodcdn.azureedge.net
1	stats.g.doubleclick.net	mdlnext-prodcdn.azureedge.net
1	t.co	mdlnext.mdlive.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com	mdlnext.mdlive.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	tag.simpli.fi	www.googletagmanager.com
1	cdn.callrail.com	www.googletagmanager.com
1	101852.tctm.co	www.googletagmanager.com
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	mdlnext.mdlive.com
117	56

This site contains links to these domains. Also see Links.

Domain
www.mdlive.com
members.mdlive.com
itunes.apple.com
play.google.com
ew41.ultipro.com
secure.ethicspoint.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com

Subject Issuer	Validity	Valid
*.mdlive.com Go Daddy Secure Certificate Authority - G2	`2020-05-13` - `2021-05-13`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2020-03-18` - `2022-03-18`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
www.redditstatic.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-02-22`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.tctm.co Amazon	`2019-12-06` - `2021-01-06`	a year	crt.sh
cdn.callrail.com Amazon	`2020-04-24` - `2021-05-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.trustpilot.com Amazon	`2020-05-01` - `2021-06-01`	a year	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-08-26` - `2021-02-22`	6 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
js.callrail.com Amazon	`2020-04-24` - `2021-05-24`	a year	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.pro-market.net Gandi Standard SSL CA 2	`2020-07-22` - `2022-08-20`	2 years	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://mdlnext.mdlive.com/home
Frame ID: 62197DAC2361E1581AF532535FE4F254
Requests: 114 HTTP requests in this frame

Frame: https://8496525.fls.doubleclick.net/activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome
Frame ID: AE1D3B59DB8E31C26DA07BD1874D31D1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: FB990B598CA9CE0813540E64D33276C0
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=58ef81380000ff0005a06aa4
Frame ID: CC1DF015D7091C7FB8EC7941A63C0368
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.mdlive.com/ HTTP 301
https://www.mdlive.com/ HTTP 301
https://mdlnext.mdlive.com/home Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

script /munchkin\.marketo\.net\/munchkin\.js/i

Page Statistics

117
Requests

100 %
HTTPS

38 %
IPv6

43
Domains

56
Subdomains

50
IPs

6
Countries

1848 kB
Transfer

3634 kB
Size

21
Cookies

48 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mdlive.com/how-telehealth-works/
Title: How It Works

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/what-we-treat
Title: What We Treat

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/counseling
Title: Counseling

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/psychiatry
Title: Psychiatry

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/dermatology
Title: Dermatology

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/testimonials
Title: Testimonials

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/health-systems/
Title: Health Systems

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/health-plans/
Title: Health Plans

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/employers/
Title: Employers

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/become-a-provider/our-providers/
Title: Our Providers

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/provider/
Title: Become a Provider

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/careers/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/news-media/
Title: News & Media

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/press-room/
Title: Pressroom

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/resources/
Title: Virtual Care Resources

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://members.mdlive.com/login
Title: See a doctor now

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/coronavirus
Title: Learn more.

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/patients/faqs/#1529610771073-ff78d46e-d822
Title: When is MDLIVE available?

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/patients/faqs/#1529610737333-ffee5d22-722c
Title: Where is MDLIVE available?

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/patients/faqs/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/mdlive/id839671393?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mdlive.mobile

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/what-we-treat/
Title: What we treat

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/testimonials/
Title: Testimonials

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/resellers-and-tpas/
Title: Resellers and TPAs

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/brokers/
Title: Brokers

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/government/
Title: Government

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/provider
Title: Become a Provider

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/executive-team/
Title: Executive Team

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/board-of-directors/
Title: Board of Directors

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/investors/
Title: Investors

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/company/upcoming-events/
Title: Upcoming Events

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/partners/
Title: Partners

Search URL Search Domain Scan URL

URL: https://ew41.ultipro.com/
Title: Employee Login

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/ada-policy/
Title: ADA Policy

Search URL Search Domain Scan URL

URL: https://www.mdlive.com/notice-of-non-discrimination/
Title: Notice of Non-Discrimination

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/55030/index.html
Title: Compliance Hotline

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MDLIVETelehealth

Search URL Search Domain Scan URL

URL: https://twitter.com/MDLIVEInc

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mdlive-inc-

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/MDLiveCare

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mdlive_inc/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.mdlive.com/ HTTP 301
https://www.mdlive.com/ HTTP 301
https://mdlnext.mdlive.com/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://8496525.fls.doubleclick.net/activityi;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome HTTP 302
https://8496525.fls.doubleclick.net/activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome

Request Chain 54

https://secure.adnxs.com/px?id=1075587&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1075587%26t%3D1

Request Chain 56

https://rtd-tm.everesttech.net/upi/?sid=4cFM6C1IaFWe0rRM46C2&cs=1&gtmcb=1446588462 HTTP 302
https://rtd-tm.everesttech.net/ct/upi/?sid=4cFM6C1IaFWe0rRM46C2&cs=1&gtmcb=1446588462&_test=X6WZYgAAAIpJYFLS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WDZXWllnQUFBSXBKWUZMUw

Request Chain 74

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320322%26time%3D1604688226179%26url%3Dhttps%253A%252F%252Fmdlnext.mdlive.com%252Fhome%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&liSync=true

Request Chain 90

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=1EC47A9961E640D890D04294CEF88A43

Request Chain 92

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43

Request Chain 93

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://um.simpli.fi/aa_px?sk=164980703597001512002

Request Chain 95

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1EC47A9961E640D890D04294CEF88A43

Request Chain 98

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1EC47A9961E640D890D04294CEF88A43;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=1EC47A9961E640D890D04294CEF88A43;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHEtVGR4lPVjnc2xHDTx46Y&google_cver=1

Request Chain 99

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0&xl8blockcheck=1

Request Chain 101

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=1EC47A9961E640D890D04294CEF88A43

Request Chain 102

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=1EC47A9961E640D890D04294CEF88A43

Request Chain 104

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43

Request Chain 105

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43&dnr=1

Request Chain 107

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=1EC47A9961E640D890D04294CEF88A43

Request Chain 108

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1604688226612&cv=7&fst=1604688226612&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=ZJmlX5O8EYmcb6S6h5AH&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZJmlX5O8EYmcb6S6h5AH&cid=CAQSKQCNIrLM1IeP9JxT2uHRnj-rfkijIg-L9321vEXP4u67gwVbbyx0oAE_&random=2935482857 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZJmlX5O8EYmcb6S6h5AH&cid=CAQSKQCNIrLM1IeP9JxT2uHRnj-rfkijIg-L9321vEXP4u67gwVbbyx0oAE_&random=2935482857&ipr=y

Request Chain 109

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43&__user_check__=1&sync_id=01d63671-2060-11eb-95c0-1974e5cf2f06

Request Chain 110

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=1EC47A9961E640D890D04294CEF88A43

Request Chain 111

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1EC47A9961E640D890D04294CEF88A43&expires=365

Request Chain 112

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1EC47A9961E640D890D04294CEF88A43

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEM0oAoGHNCGgh2fv1Zpv4e4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC47A9961E640D890D04294CEF88A43 HTTP 302
https://um.simpli.fi/g_match?id=

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request home Show response
mdlnext.mdlive.com/
Redirect Chain

http://www.mdlive.com/
https://www.mdlive.com/
https://mdlnext.mdlive.com/home

92 KB
16 KB

626ms
126ms

Document
text/html

137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 814e1617c3adb8805acdd0e303ae915ed4667e1d49d2aa0cb56e6b2852317d47

Request headers

Host: mdlnext.mdlive.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: s-maxage=31536000, stale-while-revalidate
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 06 Nov 2020 18:43:45 GMT

Redirect headers

status: 301
content-type: text/html; charset=iso-8859-1
location: https://mdlnext.mdlive.com/home
server: Apache
date: Fri, 06 Nov 2020 18:43:44 GMT
content-length: 239

GET
H2 200 d75e0ccb14a4431eaf97.css
mdlnext-prodcdn.azureedge.net/_next/static/css/ 287 B
508 B 63ms
12ms Stylesheet
text/css 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/css/d75e0ccb14a4431eaf97.css
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9A) /
Resource Hash: ce03a5a38508b740a2b809a760d838251b1ff55388256c168384f1e35f3b9a6c

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
last-modified: Wed, 30 Sep 2020 09:48:27 GMT
server: ECAcc (frc/8E9A)
age: 3225608
etag: W/"11f-174de69c1f8"
status: 200
x-cache: HIT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 287
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 _app.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/ 43 KB
13 KB 64ms
14ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F28) /
Resource Hash: 9c98c1a2b89364898cd8b0de5569416e4c8d2e678f8b47dfeda6fca4b1572ed0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F28)
age: 337146
status: 200
etag: W/"ab3c-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 13684
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 home.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/ 28 KB
8 KB 63ms
13ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/home.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F9F) /
Resource Hash: 6ed02744934d3e4bbfb307f52035b0cc325702d1dc609357a54ebaeba0805c32

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F9F)
age: 337146
status: 200
etag: W/"70db-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 7936
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 webpack-1c5199ff66550d26e499.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/runtime/ 2 KB
894 B 69ms
18ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/webpack-1c5199ff66550d26e499.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F25) /
Resource Hash: cb6380a3f56c908096d522da2f2ed2e16cf9cce994f21c723a3fca3309043c48

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 15:47:39 GMT
server: ECAcc (frc/8F25)
age: 4411498
status: 200
etag: W/"634-17497999578"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 794
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 framework.619a4f70c1d4d3a29cbc.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 126 KB
40 KB 70ms
20ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/framework.619a4f70c1d4d3a29cbc.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE1) /
Resource Hash: 80ccbb83020338bcbf259b3b559ecb1ae6b7f58b6d9cb1530090e6d5c65cfac0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 00:02:56 GMT
server: ECAcc (frc/8FE1)
age: 9211492
status: 200
etag: W/"1f9a3-17378fae780"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 40424
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 75fc9c18.cbe862d05f67479ee6e5.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 58 KB
18 KB 81ms
31ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/75fc9c18.cbe862d05f67479ee6e5.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E97) /
Resource Hash: c538ad9de986e696badab23a1db5d02058ff318d765419907700fd816dc95821

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 09:46:11 GMT
server: ECAcc (frc/8E97)
age: 808341
status: 200
etag: W/"e74c-1756e99beb8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 18688
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 commons.29e47ece941132745f75.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 9 KB
3 KB 80ms
31ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/commons.29e47ece941132745f75.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F70) /
Resource Hash: 3e910002f6fa48e39cd00342fa66d47baf15b133c052fab95d80da3435c34406

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 15:47:39 GMT
server: ECAcc (frc/8F70)
age: 4411498
status: 200
etag: W/"2214-17497999578"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 3173
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 956b8f01f3f1eff8cb566cc44c8e0f974828f358.d67f0ae12cb88b2391c2.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 22 KB
8 KB 69ms
19ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/956b8f01f3f1eff8cb566cc44c8e0f974828f358.d67f0ae12cb88b2391c2.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF6) /
Resource Hash: 44a34cd39241e4f794cf57a57c245d32f3d1eab5f4e7a015e2352defb953e42a

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8FF6)
age: 337146
status: 200
etag: W/"5977-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 8298
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 f508b7cc43b696e708481a7ed1f74debbb7330dc.b0d1adec593df1d38c29.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 589 KB
163 KB 74ms
25ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/f508b7cc43b696e708481a7ed1f74debbb7330dc.b0d1adec593df1d38c29.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F71) /
Resource Hash: 3cc09be32486a363f6a7ed6789e2c7e75bdf0afb57bd963f2aef30789add703c

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F71)
age: 337146
status: 200
etag: W/"932ea-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 167014
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 cc83989fd2bfec26391f6bd374e7c33842fb6df8.7c740647efb19e098ad4.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 26 KB
4 KB 80ms
31ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/cc83989fd2bfec26391f6bd374e7c33842fb6df8.7c740647efb19e098ad4.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3C) /
Resource Hash: 7697fbe7f36e4c7b429f6fc20d0b8c8bb2aa0fa91d4632c47c4b02b8661ffccb

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F3C)
age: 337146
status: 200
etag: W/"6637-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 4481
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 main-5cb108aba9d49efb48af.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/runtime/ 17 KB
6 KB 73ms
24ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF6) /
Resource Hash: badc5c8990e8152494d92a35fed69023f6382953a43dd9114ccd386f0d02b32f

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8FF6)
age: 337146
status: 200
etag: W/"455f-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 6340
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 89f789fedb55bc43a22a6c1489584e7c88b167fb.94d2069fa24006f262c3.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 17 KB
5 KB 79ms
30ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/89f789fedb55bc43a22a6c1489584e7c88b167fb.94d2069fa24006f262c3.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F24) /
Resource Hash: b0ec6e1991c23e0fec8b87a12f443204d0542636f2b7d9fb53ab3f717204477f

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F24)
age: 337146
status: 200
etag: W/"45cc-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 5409
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 css
fonts.googleapis.com/ 8 KB
811 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,600,700

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0cd521c64f50e661c1475b5f86d060d1fdd5ea9a206de54e651b1c78d603f599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 18:34:27 GMT
server: ESF
date: Fri, 06 Nov 2020 18:43:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
810 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:100,300,400,600,700

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ea85b5ea45b6d3cca4aaa0366056317429880d17b0f35b706ffb131065d4007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 18:43:45 GMT
server: ESF
date: Fri, 06 Nov 2020 18:43:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
588 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Encode+Sans:wght@300;400;600;700&display=swap

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b2a18542ff1f5ef15dfda0cc4cd92b53bc97632a22d75ff69eb2fd9c5aa9f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 18:43:45 GMT
server: ESF
date: Fri, 06 Nov 2020 18:43:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
914 B 28ms
27ms Stylesheet
text/css 2a00:1450:4001:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e91871372fcdd2a591971fe2ed042d4d4f59eee7fcc48fd4fe4b49ca54d7a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 18:43:45 GMT
server: ESF
date: Fri, 06 Nov 2020 18:43:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H/1.1 200
OK mdlive.svg
mdlnext.mdlive.com/static/svg/ 2 KB
1 KB 123ms
122ms Image
image/svg+xml 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/svg/mdlive.svg
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1974cd2dee96bee2dc81d1337b0488cedb74fbabb3cab7a84df1ec9b88150e4c

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
ETag: W/"6be-1758a7c8228"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK md-icon-on-orange-bg.png
mdlnext.mdlive.com/static/ 2 KB
2 KB 487ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/md-icon-on-orange-bg.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 06669cd3df9241d9928a3b0ccb60a1ad8102ce92e3ceceb8fe50ce7f4e1bbb8c

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"745-1758a7c8228"
Content-Length: 1861
Content-Type: image/png

GET
H/1.1 200
OK chevronDown.svg
mdlnext.mdlive.com/static/svg/ 1 KB
843 B 489ms
123ms Image
image/svg+xml 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/svg/chevronDown.svg
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0a89450e934973680286a1f5ecceb65c4bc556acf5c583aabcee01abd0e85364

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
ETag: W/"453-1758a7c8228"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: public, max-age=0
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK Register-icon.png
mdlnext.mdlive.com/static/ 2 KB
2 KB 489ms
121ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/Register-icon.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ddfb264635e0c54279c8701481c7f09dafb142da7442392de79e8db351416aa5

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"7db-1758a7c8228"
Content-Length: 2011
Content-Type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
64 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d2d7e85399aa43acafd1d28d9bcf0cca0b49b846c38cd0a536238905cae5848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65100
x-xss-protection: 0
last-modified: Fri, 06 Nov 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H2 200 hotjar-1315573.js Show response
static.hotjar.com/c/ 8 KB
3 KB 75ms
74ms Script
application/javascript 13.226.132.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1315573.js?sv=6

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.93 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-93.dus51.r.cloudfront.net

Software

Resource Hash

6bd0d992f446995de1c16447dd34bfe6d77da71b1f43769dfaa0e70ef50a2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
etag: W/a495d3cdab2e562882af557625b027a2
status: 200
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
x-amz-cf-id: BeRYYOlFS2ZFwOHex9wa7vhLTWa59i11N7z-TVQQ2NQJSHxTkg2V8w==
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)

GET
H/1.1 200
OK Calendar-icon.png
mdlnext.mdlive.com/static/ 7 KB
7 KB 491ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/Calendar-icon.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b99a9b64168a2e141163b44e82c06e6b665ea9c3d915097cbaac4c56d75c6bfe

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"1adc-1758a7c8228"
Content-Length: 6876
Content-Type: image/png

GET
H/1.1 200
OK FeelBetter-icon.png
mdlnext.mdlive.com/static/ 8 KB
8 KB 490ms
121ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/FeelBetter-icon.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eae41e70620c848bdd9b3b8578e227513b2bf3d8594b810e9eabf1928701a396

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"1e19-1758a7c8228"
Content-Length: 7705
Content-Type: image/png

GET
H/1.1 200
OK wwt-medical.png
mdlnext.mdlive.com/static/ 114 KB
115 KB 133ms
131ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/wwt-medical.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60233cee5eb1a9e306de23d10c095d462909c3462f185071807a38bcd4b7906a

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"1c990-1758a7c8228"
Content-Length: 117136
Content-Type: image/png

GET
H/1.1 200
OK blue-arrow.png
mdlnext.mdlive.com/static/ 1 KB
1 KB 127ms
123ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/blue-arrow.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: baa2f32c640708e002ae8322e3d050fe87688b8ff9946b6a96bd941ea5302297

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"458-1758a7c8228"
Content-Length: 1112
Content-Type: image/png

GET
H/1.1 200
OK wwt-derm.png
mdlnext.mdlive.com/static/ 104 KB
104 KB 128ms
124ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/wwt-derm.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 8e465488c16a0c9bc0990c61f315ffcac85f5f0a9dd64b95bdbe938c38d75fe4

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"1a037-1758a7c8228"
Content-Length: 106551
Content-Type: image/png

GET
H/1.1 200
OK wwt-counseling.png
mdlnext.mdlive.com/static/ 93 KB
93 KB 127ms
123ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/wwt-counseling.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 28a3d5d134944b852f4e058a11bbb020478ae88c60959fa99beb4277e93f6f98

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"17414-1758a7c8228"
Content-Length: 95252
Content-Type: image/png

GET
H/1.1 200
OK wwt-psychiatry.png
mdlnext.mdlive.com/static/ 421 KB
422 KB 131ms
130ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/wwt-psychiatry.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bda21a5491383f4cf645c6e53e5709e4b274db2db78075db34fb03d8a4cf0ddc

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"6952a-1758a7c8228"
Content-Length: 431402
Content-Type: image/png

GET
H/1.1 200
OK orange-shield.png
mdlnext.mdlive.com/static/ 18 KB
18 KB 131ms
131ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/orange-shield.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 170f0d4d087ca7e21adda2b229c0a16356f26a0c539b2d9f4b58c6653e5c1c9e

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"4617-1758a7c8228"
Content-Length: 17943
Content-Type: image/png

GET
H/1.1 200
OK app-store-logo.png
mdlnext.mdlive.com/static/ 3 KB
3 KB 123ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/app-store-logo.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 634f472cfe6c39faea070feb2c8385c6f7665486c469c1be18f9bb1ab0d3087a

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"c3d-1758a7c8228"
Content-Length: 3133
Content-Type: image/png

GET
H/1.1 200
OK play-store-logo.png
mdlnext.mdlive.com/static/ 4 KB
4 KB 123ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/play-store-logo.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 612e64e15e252f7cc22a28d1ccded5585d1727831b9042f78b41e7a83de6701f

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"eae-1758a7c8228"
Content-Length: 3758
Content-Type: image/png

GET
H/1.1 200
OK phone-with-doctor-on-screen.png
mdlnext.mdlive.com/static/ 137 KB
137 KB 123ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/phone-with-doctor-on-screen.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ba9d1d0e3123dba66c9939c08075040493a619c59dba2cc70adc1507d2fe35d8

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"2246d-1758a7c8228"
Content-Length: 140397
Content-Type: image/png

GET
H/1.1 200
OK social-icon-fb.png
mdlnext.mdlive.com/static/ 482 B
713 B 122ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/social-icon-fb.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: eee9135989bba24c31044b847bffc08adf067189f23216fe26234ff7fe0416a1

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"1e2-1758a7c8228"
Content-Length: 482
Content-Type: image/png

GET
H/1.1 200
OK social-icon-twitter.png
mdlnext.mdlive.com/static/ 1 KB
1 KB 129ms
128ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/social-icon-twitter.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 965e62c2f6aa462322f26bc70af64e5401362bb5a3eaf85a4a78054881386439

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"440-1758a7c8228"
Content-Length: 1088
Content-Type: image/png

GET
H/1.1 200
OK social-icon-linkedin.png
mdlnext.mdlive.com/static/ 956 B
1 KB 123ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/social-icon-linkedin.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 464b6c89ae6661dc3baa1da2cf4f8065769221fcebc72643066b1ff1a00f5b03

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"3bc-1758a7c8228"
Content-Length: 956
Content-Type: image/png

GET
H/1.1 200
OK social-icon-yt.png
mdlnext.mdlive.com/static/ 832 B
1 KB 122ms
122ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/social-icon-yt.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 24a937f98bc8d0855167c0bbfc9a36d0afc5e2b1f0d68765579b608f14e94fa8

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"340-1758a7c8228"
Content-Length: 832
Content-Type: image/png

GET
H/1.1 200
OK social-icon-instagram.png
mdlnext.mdlive.com/static/ 2 KB
2 KB 128ms
128ms Image
image/png 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/social-icon-instagram.png
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5fad686deb42dc586c108430819062296223ceac28edc875cf3b6e867e5b0958

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"672-1758a7c8228"
Content-Length: 1650
Content-Type: image/png

GET
H2 200 _buildManifest.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/ 1 KB
705 B 29ms
28ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/_buildManifest.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F11) /
Resource Hash: 42a9e3f1e7b5d109055eb9011ecdacec88c2af7ee7314c3a148054e1273228fb

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F11)
age: 337145
status: 200
etag: W/"4fe-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 629
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 _ssgManifest.js Show response
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/ 92 B
188 B 29ms
29ms Script
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/_ssgManifest.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9C) /
Resource Hash: b9f51ececf8aad25ad848b7a4fe8f70e28cf22a191f0496c372153d7d5e295dc

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
last-modified: Mon, 02 Nov 2020 19:46:44 GMT
server: ECAcc (frc/8E9C)
age: 337145
etag: W/"5c-1758a7f5ca0"
status: 200
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 92
access-control-allow-method: GET,OPTIONS,HEAD

GET
H/1.1 200
OK hero-woman-checking-thermometer.jpg
mdlnext.mdlive.com/static/ 82 KB
82 KB 132ms
128ms Image
image/jpeg 137.116.88.213
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mdlnext.mdlive.com/static/hero-woman-checking-thermometer.jpg
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 137.116.88.213 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: caaf25eb519d18f30c6dbb805e16f74c71174d30343e39f3337a0358a84d760f

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2020 19:43:37 GMT
Accept-Ranges: bytes
ETag: W/"14794-1758a7c8228"
Content-Length: 83860
Content-Type: image/jpeg

GET
H2 200 LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6Sw_lSg.woff2
fonts.gstatic.com/s/encodesans/v7/ 23 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/encodesans/v7/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6Sw_lSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Encode+Sans:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495e76ed492babf779ec2870c71fa569abb6093077f79d4b51dd49e75fa49461

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mdlnext.mdlive.com
Referer: https://fonts.googleapis.com/css2?family=Encode+Sans:wght@300;400;600;700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 04 Nov 2020 23:00:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jul 2020 02:00:50 GMT
server: sffe
age: 157370
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23116
x-xss-protection: 0
expires: Thu, 04 Nov 2021 23:00:55 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
11 KB 55ms
54ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11472
x-xss-protection: 0
server: cafe
etag: 8286593240961886057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3260
date: Fri, 06 Nov 2020 17:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 06 Nov 2020 19:49:25 GMT

GET
H3-Q050

200

activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome
8496525.fls.doubleclick.net/ Frame AE1D
Redirect Chain

https://8496525.fls.doubleclick.net/activityi;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome?
https://8496525.fls.doubleclick.net/activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlne...

0
0

125ms
72ms

Document
text/html

172.217.21.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8496525.fls.doubleclick.net/activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8496525.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mdlnext.mdlive.com/home
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 06 Nov 2020 18:43:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 387
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 06-Nov-2020 18:58:46 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Fri, 06 Nov 2020 18:43:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8496525.fls.doubleclick.net/activityi;dc_pre=CMzkvr3J7uwCFaXjuwgd48MMrQ;src=8496525;type=pagev0;cat=allpa0;ord=4237487000595;gtm=2wgas1;auiddc=808466295.1604688226;~oref=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 965 B
761 B 15ms
15ms Script
application/x-javascript 2a02:26f0:eb:389::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:389::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=13571
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 hotjar-1315573.js Show response
static.hotjar.com/c/ 8 KB
3 KB 38ms
38ms Script
application/javascript 13.226.132.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1315573.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.93 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-93.dus51.r.cloudfront.net

Software

Resource Hash

6bd0d992f446995de1c16447dd34bfe6d77da71b1f43769dfaa0e70ef50a2dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
etag: W/a495d3cdab2e562882af557625b027a2
status: 200
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
vary: Accept-Encoding
x-amz-cf-id: 0NPhLpcbyh4NSKIC-nd0yo8KNyf5Oo_ppdia52ySLx5r0IiYgPe6vA==
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 95ms
31ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
age: 63431
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-fra19131-FRA
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1604688226.951376,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 17 KB
6 KB 158ms
65ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 17:04:46 GMT
server: snooserv
etag: "85ee817cda81317b49d1d3056f6bdf95"
vary: Accept-Encoding,Origin
content-type: application/javascript
status: 200
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 5809
via: 1.1 varnish, 1.1 varnish

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 30ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 088264BB983D4EF5A1C5206B791FB6F8 Ref B: FRAEDGE1415 Ref C: 2020-11-06T18:43:45Z
status: 200
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 t.js Show response
101852.tctm.co/ 53 KB
18 KB 62ms
37ms Script
application/x-javascript 2600:9000:21f3:1a00:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://101852.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:1a00:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 5af3c0da60b72ee282edb170e04a8a0ec199889bd6a29dbbaa7243cb270b636c

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: gzip
last-modified: Fri, 06 Nov 2020 18:43:45 GMT
server: ctm
x-amz-cf-pop: FRA2-C2
etag: W/5fa5996100018ddc134891b9-101852
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: p7oZ3kovYuc3EFyrnkSLMelclUSZjgHVjiz1X9m8lZT_B8M1srgLkQ==
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/436855597/0ea335d5c1d913d7c45b/12/ 33 KB
11 KB 465ms
206ms Script
text/javascript 54.84.142.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/436855597/0ea335d5c1d913d7c45b/12/swap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.142.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-142-222.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9e4dc0c3e1e6ccc1c4b33db7be06333bc7ee43a805eda864504de5029286bac1

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.005353
date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"9e4dc0c3e1e6ccc1c4b33db7be06333b"
content-type: text/javascript; charset=utf-8
status: 200, 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 6a894148-e8b0-4513-ab6d-21640844a6ec

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: 9AeDGel0kZj13of4UCIMuxARnuJcPAhjH/UHuN88lUwoJaTxFe1Zoc1Cq+pQTx0nFy3gYLWyUZBURNCSoazFOw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Fri, 06 Nov 2020 18:43:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 766dfdc0-eb09-0138-7ea0-06b4c2516bae Show response
tag.simpli.fi/sifitag/ 4 KB
5 KB 128ms
57ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/766dfdc0-eb09-0138-7ea0-06b4c2516bae

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TSLRT8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3929
x-request-id: FkT_cIgPkaF6jZgFNY7h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1075587&t=1
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1075587%26t%3D1

0
1 KB

56ms
55ms

Script
application/javascript

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1075587%26t%3D1

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 18:43:46 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.112:80
AN-X-Request-Uuid: add52145-037f-40b2-8de7-bfdf41ec3baa
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 18:43:46 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 733.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.230:80
AN-X-Request-Uuid: b084f40b-f867-48e0-9e06-3952d9a365f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1075587%26t%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 118ms
35ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=4cFM6C1IaFWe0rRM46C2&cs=1&gtmcb=1446588462
https://rtd-tm.everesttech.net/ct/upi/?sid=4cFM6C1IaFWe0rRM46C2&cs=1&gtmcb=1446588462&_test=X6WZYgAAAIpJYFLS
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WDZXWllnQUFBSXBKWUZMUw

170 B
813 B

173ms
56ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WDZXWllnQUFBSXBKWUZMUw

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
server: HTTP server (unknown)
content-type: image/png
status: 200
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
via: 1.1 varnish
server: Jetty(9.3.8.v20160314)
x-timer: S1604688226.280503,VS0,VE99
status: 302
x-served-by: cache-fra19136-FRA
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WDZXWllnQUFBSXBKWUZMUw
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 modules.8d61e969c7deff2570c5.js Show response
script.hotjar.com/ 362 KB
71 KB 39ms
38ms Script
application/javascript 13.226.132.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8d61e969c7deff2570c5.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1315573.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.59 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-59.dus51.r.cloudfront.net

Software

Resource Hash

cffc573bb349054cbbe8ff16713e646774262ae4810202c7421dae2bf5f8a38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:35:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11309
x-cache: Hit from cloudfront
status: 200
content-length: 72516
access-control-allow-origin: *
last-modified: Fri, 06 Nov 2020 15:31:31 GMT
etag: "8a26168d6b1bbbe3b048a7e671a8ab78"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3b811cf25a4fdc818f7cfcb16b38d622.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: vaHa5DjT_Onh7e7mqJ69Pt-a6AYjAC-LMmXZdT8G0lgpg1PsCApsPQ==

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5BTND3T&t=gtm5&cid=1002922544.1604688226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4df1647df2c3a8a47bde198279be155f67bfca8f11dcc65ca93ad6acecec64dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:45 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35332
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Nov 2020 18:43:45 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:eb:389::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:eb:389::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=33074
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 20 KB
7 KB 110ms
37ms Script
application/x-javascript 13.226.132.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/home.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.6 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-6.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c5741c28b6cb20aedd60d64973e806ee01f5540e752f6c0302910ac44bf9c54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 10:59:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27883
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
status: 200
content-length: 6593
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Nov 2020 10:58:47 GMT
server: AmazonS3
etag: "01edd1d433529d4e7a5fa7a1d22985c1"
content-type: application/x-javascript
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: rW4D7mJGCayFU38rqbj4Io8u6GMN9WcFHIIVexV4ryz0efneUmIBSw==

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame FB99 0
0 35ms
35ms Document
text/html 13.226.132.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1315573.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.55 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-55.dus51.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mdlnext.mdlive.com/home
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mdlnext.mdlive.com/home

Response headers

status: 200
content-type: text/html
content-length: 851
date: Mon, 05 Oct 2020 13:02:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 05 Oct 2020 11:02:22 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MOhgJCB89aImsogPATcpIj7b35pO4aNswo6NH8q_6puWWvnnnI5EMA==
age: 2785261

GET
H2 200 sign-in.js
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/ 0
6 KB 15ms
14ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/sign-in.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBD) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8FBD)
age: 337146
status: 200
etag: W/"4266-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 5876
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 register.js
mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/ 0
4 KB 15ms
15ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/register.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8FA5)
age: 337146
status: 200
etag: W/"2b62-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 3666
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 29107295.1bc5ddf06a2a1e940097.js
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 0
24 KB 16ms
11ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/29107295.1bc5ddf06a2a1e940097.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Wed, 28 Oct 2020 09:46:11 GMT
server: ECAcc (frc/8FFC)
age: 807023
status: 200
etag: W/"117ec-1756e99beb8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 24627
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 89f789fedb55bc43a22a6c1489584e7c88b167fb.94d2069fa24006f262c3.js
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 0
5 KB 13ms
8ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/89f789fedb55bc43a22a6c1489584e7c88b167fb.94d2069fa24006f262c3.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F24) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F24)
age: 337147
status: 200
etag: W/"45cc-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 5409
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 30373fb2c514246f65f4f5e4117e367e63f91fd8.718fc7198ee148d8e314.js
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 0
7 KB 14ms
10ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/30373fb2c514246f65f4f5e4117e367e63f91fd8.718fc7198ee148d8e314.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F48) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F48)
age: 337146
status: 200
etag: W/"5b96-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 7493
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 07b8f8ab3b25a13153a8f3f85f177f2a737b9231.1c07a80aac40ed73d131.js
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 0
9 KB 16ms
12ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/07b8f8ab3b25a13153a8f3f85f177f2a737b9231.1c07a80aac40ed73d131.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F97) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F97)
age: 337146
status: 200
etag: W/"8e8d-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 9201
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 200 ccb54899db65b7aa52145c341805a058ec4bb841.5a195ed785e3cc9b83dd.js
mdlnext-prodcdn.azureedge.net/_next/static/chunks/ 0
17 KB 19ms
15ms Other
application/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mdlnext-prodcdn.azureedge.net/_next/static/chunks/ccb54899db65b7aa52145c341805a058ec4bb841.5a195ed785e3cc9b83dd.js
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/runtime/main-5cb108aba9d49efb48af.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F53) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 19:46:42 GMT
server: ECAcc (frc/8F53)
age: 337146
status: 200
etag: W/"fba0-1758a7f54d0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 17182
access-control-allow-method: GET,OPTIONS,HEAD

GET
H2 204 0
bat.bing.com/action/ 0
116 B 28ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5694475&Ver=2&mid=0e5b1835-2dd5-461e-8682-60c8d831ed2a&sid=006d6ca0206011eb8378c5a9dda88042&vid=006d8af0206011eb8e67239e30d532ba&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&p=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&r=&lt=1331&evt=pageLoad&msclkid=N&sv=1&rn=29335
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Fri, 06 Nov 2020 18:43:45 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 3C70E676D8824686A545692AB0657C06 Ref B: FRAEDGE1415 Ref C: 2020-11-06T18:43:46Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/872577490/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/872577490/?random=1604688226115&cv=9&fst=1604688226115&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&tiba=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e12467e28930e42e5afbbdf80f8ccd92d68aec0220a877c0f1741130be901c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
125 B 235ms
141ms Image
image/gif 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1604688226159&id=t2_66f43vpy&event=PageVisit&uuid=af0a5653-12ec-49de-9848-0414aac652c8&s=VtYpyEsR5IAwucReFvHlccUyLL7U6bMEK3qf6j3Eb4s%3D
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 1866890630207070 Show response
connect.facebook.net/signals/config/ 235 KB
69 KB 246ms
243ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1866890630207070?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c610a819f81cbc2477f47be3457a81b66db2ecc6dd6429a6daf70870a01f08bd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id: 664085054
pragma: public
x-fb-debug: JXSkPN8/n79L5PN/2G2qh89swFmnei6Kqq0OVDJcrTQ5ZlL2VcC/ZFFytSwRDL4gqxwFfL6nngdxl3uykuQePw==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Fri, 06 Nov 2020 18:43:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 43ms
42ms Script
application/x-javascript 104.111.241.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.241.218 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-241-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sun, 14 Feb 2021 18:43:46 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D320322%26time%3D1604688226179%26url%3Dhttps%253A%252F%252Fmdlnext.mdlive.com%252F...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&liSync=true

0
40 B

179ms
179ms

Image
application/javascript

2a05:f500:11:101::b93f:9005
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&liSync=true
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 0
x-li-uuid: K+n8tnD/RBZgyLKzWCsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: PPtfr3D/RBYADEjO2ioAAA==
pragma: no-cache
x-li-pop: afd-prod-esv5
x-msedge-ref: Ref A: 216E0C709A264AA89F122C2A920738E8 Ref B: FRAEDGE0814 Ref C: 2020-11-06T18:43:46Z
x-frame-options: sameorigin
date: Fri, 06 Nov 2020 18:43:46 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=320322&time=1604688226179&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
448 B 239ms
152ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o02i3&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 06 Nov 2020 18:43:46 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ad48c841caf390d4573085480acb2874
x-transaction: 000f083300aa1d2f
expires: Tue, 31 Mar 1981 05:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
68 B 14ms
13ms XHR
text/plain 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1908345071&t=pageview&_s=1&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&ul=en-us&de=UTF-8&dt=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=657893009&gjid=578266047&cid=1002922544.1604688226&tid=UA-4075052-1&_gid=1035119090.1604688226&_r=1&gtm=2wgas1TSLRT8&z=1715370951

Requested by

Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://mdlnext.mdlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 17ms
15ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-4075052-1&cid=1002922544.1604688226&jid=657893009&gjid=578266047&_gid=1035119090.1604688226&_u=aGDAAEACQAAAAC~&z=274250538

Requested by

Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 Nov 2020 18:43:46 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://mdlnext.mdlive.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1315573/ 178 B
321 B 152ms
54ms XHR
application/json 34.251.150.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1315573/visit-data?sv=6
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.150.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-150-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/ Frame CC1D 0
0 43ms
43ms Document
text/html 13.226.132.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=58ef81380000ff0005a06aa4

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.132.6 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-132-6.dus51.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: widget.trustpilot.com
:scheme: https
:path: /trustboxes/54ad5defc6454f065c28af8b/index.html?templateId=54ad5defc6454f065c28af8b&businessunitId=58ef81380000ff0005a06aa4
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mdlnext.mdlive.com/home
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mdlnext.mdlive.com/home

Response headers

status: 200
content-type: text/html
content-length: 2881
date: Thu, 05 Nov 2020 21:18:49 GMT
last-modified: Thu, 22 Oct 2020 10:45:31 GMT
etag: "f2c1c6c2bfff35ba8d47506b00770d31"
x-amz-server-side-encryption: AES256
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 90dd5141cd2d05c51d479a582cded281.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: sLBIBdOwvw8YkOkRQY1cTzfAK8cR5NS-zf1OeNCS5EMgPVjrvZXMUw==
age: 77098

GET
H2 200 /
www.google.com/pagead/1p-user-list/872577490/ 42 B
107 B 20ms
20ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/872577490/?random=1604688226115&cv=9&fst=1604685600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&tiba=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&async=1&fmt=3&is_vtc=1&random=905288032&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/872577490/ 42 B
107 B 70ms
69ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/872577490/?random=1604688226115&cv=9&fst=1604685600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgas1&sendb=1&frm=0&url=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&tiba=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&async=1&fmt=3&is_vtc=1&random=905288032&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 35ms
34ms Image
image/gif 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-4075052-1&cid=1002922544.1604688226&jid=657893009&_u=aGDAAEACQAAAAC~&z=1056605977

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
87 B 32ms
31ms Image
image/gif 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-4075052-1&cid=1002922544.1604688226&jid=657893009&_u=aGDAAEACQAAAAC~&z=1056605977

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 external_forms.js Show response
js.callrail.com/companies/436855597/ 22 KB
8 KB 343ms
119ms Script
text/javascript 52.205.51.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://js.callrail.com/companies/436855597/external_forms.js?t=1604688226414&

Requested by

Host: cdn.callrail.com
URL: https://cdn.callrail.com/companies/436855597/0ea335d5c1d913d7c45b/12/swap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.205.51.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-205-51-47.compute-1.amazonaws.com

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

da6b4aa6b54043adf04b48efc5d79af9b516d6c35b78464b5cd6b4afc815036d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.001358
date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.18.0 (Ubuntu)
etag: W/"da6b4aa6b54043adf04b48efc5d79af9"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200, 200 OK
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-request-id: 98b55c9e-39dc-4922-a8db-a33dde371a4d

POST
H2 200 swap_session.json Show response
js.callrail.com/group/0/0ea335d5c1d913d7c45b/12/ 134 B
498 B 427ms
196ms XHR
application/json 52.205.51.47
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://js.callrail.com/group/0/0ea335d5c1d913d7c45b/12/swap_session.json
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.51.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-51-47.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de

Request headers

Accept: application/json
Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

x-runtime: 0.083102
date: Fri, 06 Nov 2020 18:43:46 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
status: 200, 200 OK
etag: W/"a16c2bf1b21db196ddf564a979a6a1b8"
vary: Origin
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=0, private, must-revalidate
x-request-id: 702200ce-76e7-4b50-a49a-eaf49ded7289
access-control-expose-headers

GET
H2 200 p Show response
i.simpli.fi/ 752 B
1 KB 33ms
31ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_48711636065._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/766dfdc0-eb09-0138-7ea0-06b4c2516bae

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

94f95680a2769d0a94efe0077ea15583bdc86511b517a57607dcd9b9bc4ef5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK visitWebPage Show response
116-ahj-010.mktoresp.com/webevents/ 2 B
311 B 854ms
176ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://116-ahj-010.mktoresp.com/webevents/visitWebPage?_mchNc=1604688226442&_mchCn=&_mchId=116-AHJ-010&_mchTk=_mch-mdlive.com-1604688226441-59638&_mchHo=mdlnext.mdlive.com&_mchPo=&_mchRu=%2Fhome&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: mdlnext-prodcdn.azureedge.net
URL: https://mdlnext-prodcdn.azureedge.net/_next/static/sX1ygFocMz20EyPxl5OCq/pages/_app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:47 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f864f192-5e43-47e7-956a-f6519601cea1

GET
H2 200 344125373567456 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 60ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/344125373567456?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3988297cfc3ce9cd5d8d05dde5ef27f1b07aeb368c5a52e0df0dd375a9f28b8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-trip-id: 664085054
pragma: public
x-fb-debug: woYiWv936iOxtL0/pjgborz0F01uEYBbB3Rx0CqqAh5ckb309+7mOHKf8Tw6CpXC3x6JyseW54SnSFAWJ03l8g==
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: DENY
date: Fri, 06 Nov 2020 18:43:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1866890630207070&ev=PageView&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&rl=&if=false&ts=1604688226487&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1604688226486.926478138&it=1604688226171&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Nov 2020 18:43:46 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=1EC47A9961E640D890D04294CEF88A43

43 B
183 B

273ms
88ms

Image
image/gif

2600:1f18:612b:4200:cb3:5c60:7c23:c0c7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:cb3:5c60:7c23:c0c7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 06 Nov 2020 18:43:46 GMT
server: Apache-Coyote/1.1
content-type: image/gif
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date: Fri, 06 Nov 2020 18:43:46 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://simplifi.partners.tremorhub.com/sync?UISF=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:46 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=344125373567456&ev=PageView&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&rl=&if=false&ts=1604688226703&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1604688226486.926478138&it=1604688226171&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Nov 2020 18:43:46 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43

95 B
426 B

67ms
66ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
status: 200
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Fri, 06 Nov 2020 18:43:47 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
status: 302
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=1EC47A9961E640D890D04294CEF88A43
strict-transport-security: max-age=31536000
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=1EC47A9961E640D890D04294CEF88A43
https://um.simpli.fi/aa_px?sk=164980703597001512002

43 B
410 B

30ms
29ms

Image
image/gif

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164980703597001512002

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Nov 2020 18:43:47 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:47 GMT
server: AAWebServer
status: 302
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164980703597001512002
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ 43 B
410 B 33ms
33ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1EC47A9961E640D890D04294CEF88A43

0
0

115ms
34ms

Image
text/html

13.226.132.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.132.62 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-132-62.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
410 B 35ms
35ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
410 B 35ms
34ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=1EC47A9961E640D890D04294CEF88A43;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=1EC47A9961E640D890D04294CEF88A43;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics&google_cm&google_sc
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHEtVGR4lPVjnc2xHDTx46Y&google_cver=1

43 B
410 B

21ms
14ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHEtVGR4lPVjnc2xHDTx46Y&google_cver=1
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8eee:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:47 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
status: 200
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:47 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEHEtVGR4lPVjnc2xHDTx46Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0&xl8blockcheck=1

0
759 B

39ms
38ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0&xl8blockcheck=1
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Fri, 06 Nov 2020 18:43:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 06 Nov 2020 18:43:47 GMT
server: nginx
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=1EC47A9961E640D890D04294CEF88A43&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
410 B 32ms
31ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=1EC47A9961E640D890D04294CEF88A43

0
421 B

440ms
107ms

Image
text/plain

3.228.45.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.45.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-45-187.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 06 Nov 2020 18:43:47 GMT

Redirect headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://sync.bfmio.com/sync?pid=141&uid=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=1EC47A9961E640D890D04294CEF88A43

62 B
329 B

267ms
196ms

Image
image/gif

184.30.210.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.210.81 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-210-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:48 GMT
X-N: S
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: a28c
Content-Type: image/gif

Redirect headers

date: Fri, 06 Nov 2020 18:43:47 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://stags.bluekai.com/site/29931?id=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1866890630207070&ev=Microdata&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&rl=&if=false&ts=1604688227993&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1604688226486.926478138&it=1604688226171&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Nov 2020 18:43:47 GMT

GET
H2

200

tpid=1EC47A9961E640D890D04294CEF88A43
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43

49 B
714 B

62ms
60ms

Image
image/gif

34.245.253.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.253.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-245-253-34.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
status: 200
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.149
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=1EC47A9961E640D890D04294CEF88A43
cache-control: no-cache
x-server: 10.45.7.155
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43
https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43&dnr=1

0
433 B

34ms
33ms

Image
text/plain

216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43&dnr=1
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 18:43:48 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 18:43:48 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=1EC47A9961E640D890D04294CEF88A43&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=344125373567456&ev=Microdata&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&rl=&if=false&ts=1604688228207&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1604688226486.926478138&it=1604688226171&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 06 Nov 2020 18:43:48 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=1EC47A9961E640D890D04294CEF88A43

0
66 B

113ms
53ms

Image
text/plain

34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 451
date: Fri, 06 Nov 2020 18:43:48 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://idsync.rlcdn.com/419566.gif?partner_uid=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:48 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1604688226612&cv=7&fst=1604688226612&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=f...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_v...

42 B
134 B

25ms
24ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZJmlX5O8EYmcb6S6h5AH&cid=CAQSKQCNIrLM1IeP9JxT2uHRnj-rfkijIg-L9321vEXP4u67gwVbbyx0oAE_&random=2935482857&ipr=y

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1223670646&cv=7&fst=*&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=ZJmlX5O8EYmcb6S6h5AH&cid=CAQSKQCNIrLM1IeP9JxT2uHRnj-rfkijIg-L9321vEXP4u67gwVbbyx0oAE_&random=2935482857&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43&__user_check__=1&sync_id=01d63671-2060-11eb-95c0-1974e5cf2f06

43 B
548 B

32ms
32ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43&__user_check__=1&sync_id=01d63671-2060-11eb-95c0-1974e5cf2f06
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 06 Nov 2020 18:43:48 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 28
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 06 Nov 2020 18:43:48 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=1EC47A9961E640D890D04294CEF88A43&__user_check__=1&sync_id=01d63671-2060-11eb-95c0-1974e5cf2f06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=1EC47A9961E640D890D04294CEF88A43

43 B
1 KB

119ms
37ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=1EC47A9961E640D890D04294CEF88A43

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Nov 2020 18:43:48 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.78:80
AN-X-Request-Uuid: 2e73f638-1102-45a7-a025-62756795b7a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://ib.adnxs.com/setuid?entity=66&code=1EC47A9961E640D890D04294CEF88A43
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:48 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1EC47A9961E640D890D04294CEF88A43&expires=365

0
239 B

141ms
37ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1EC47A9961E640D890D04294CEF88A43&expires=365
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
server: nginx
status: 302
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=1EC47A9961E640D890D04294CEF88A43&expires=365
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Thu, 05 Nov 2020 18:43:48 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=1EC47A9961E640D890D04294CEF88A43
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1EC47A9961E640D890D04294CEF88A43

43 B
180 B

71ms
71ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1EC47A9961E640D890D04294CEF88A43
Requested by: Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.197.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
via: 1.1 google
server: OXGW/16.197.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 06 Nov 2020 18:43:48 GMT
via: 1.1 google
server: OXGW/16.197.0
status: 302
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=1EC47A9961E640D890D04294CEF88A43
alt-svc: clear
content-length: 0

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEM0oAoGHNCGgh2fv1Zpv4e4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=1EC47A9961E640D890D04294CEF88A43
https://um.simpli.fi/g_match?id=

0
321 B

30ms
29ms

Image
text/plain

159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: mdlnext.mdlive.com
URL: https://mdlnext.mdlive.com/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:48 GMT
x-content-type-options: nosniff
status: 204
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 05 Nov 2020 18:43:48 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Nov 2020 18:43:48 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
653 B 244ms
155ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=o02i3&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 18:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 06 Nov 2020 18:43:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 677d16c5426e19ccc6f610c8aa3aef4b
x-transaction: 008707c400535f6e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1908345071&t=event&ni=0&_s=1&dl=https%3A%2F%2Fmdlnext.mdlive.com%2Fhome&ul=en-us&de=UTF-8&dt=Doctors%20On%20Call%2024%20Hours%20-%20Urgent%20Care%20Online%20Doctor%20Visits%20%7C%20MDLIVE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ClientID&ea=Get%20ClientID&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1002922544.1604688226&tid=UA-4075052-1&_gid=1035119090.1604688226&gtm=2wgas1TSLRT8&cd2=1002922544.1604688226&z=1019365588

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mdlnext.mdlive.com/home
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Nov 2020 03:35:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54517
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mdlive.com/	1970-01-19 15:54:24	Name: _fbp Value: fb.1.1604688226486.926478138
.mdlive.com/	1970-01-20 07:16:00	Name: _mkto_trk Value: id:116-AHJ-010&token:_mch-mdlive.com-1604688226441-59638
.mdlive.com/	1970-01-19 22:30:24	Name: calltrk_landing Value: https%3A//mdlnext.mdlive.com/home
.doubleclick.net/	1970-01-19 23:06:24	Name: IDE Value: AHWqTUkqA-nCLVaumto7EHIsPnSNwCHjPU4ZokBkonh9AhPaNacuVqzsN7MnTPAa
.mdlive.com/	1970-01-19 22:30:24	Name: calltrk_referrer Value: direct
.mdlive.com/	1970-01-19 13:44:50	Name: _hjAbsoluteSessionInProgress Value: 0
mdlnext.mdlive.com/	1969-12-31 23:59:59	Name: __ctmid Value: 5fa5996100018ddc134891b9
.mdlive.com/	1970-01-19 22:30:24	Name: calltrk_session_id Value: 146e5932-ec4c-45ad-b65f-c8d00d90934d
.mdlive.com/	1970-01-19 15:54:24	Name: _gcl_au Value: 1.1.808466295.1604688226
.mdlive.com/	1970-01-19 13:44:50	Name: _hjFirstSeen Value: 1
.mdlive.com/	1969-12-31 23:59:59	Name: __ctmid Value: 5fa5996100018ddc134891b9
.mdlive.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.mdlive.com/	1970-01-19 13:44:48	Name: _gat_UA-4075052-1 Value: 1
.mdlive.com/	1970-01-20 07:16:00	Name: _ga Value: GA1.2.1002922544.1604688226
.mdlive.com/	1970-01-19 22:30:24	Name: _hjid Value: 483268f9-e1d0-4a28-a8ff-0427194af676
.mdlnext.mdlive.com/	1970-01-19 15:54:24	Name: _rdt_uuid Value: 1604688226158.af0a5653-12ec-49de-9848-0414aac652c8
mdlnext.mdlive.com/	1970-01-19 13:44:48	Name: _hjIncludedInPageviewSample Value: 1
.mdlive.com/	1970-01-19 14:08:12	Name: _uetvid Value: 006d8af0206011eb8e67239e30d532ba
.mdlive.com/	1970-01-19 13:46:14	Name: _uetsid Value: 006d6ca0206011eb8378c5a9dda88042
mdlnext.mdlive.com/	1970-01-19 13:44:48	Name: _hjIncludedInSessionSample Value: 1
.mdlive.com/	1970-01-19 13:46:14	Name: _gid Value: GA1.2.1035119090.1604688226

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

101852.tctm.co
116-ahj-010.mktoresp.com
8496525.fls.doubleclick.net
aa.agkn.com
alb.reddit.com
analytics.twitter.com
bat.bing.com
bcp.crwdcntrl.net
cdn.callrail.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
js.callrail.com
loadm.exelator.com
mdlnext-prodcdn.azureedge.net
mdlnext.mdlive.com
munchkin.marketo.net
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
rtd-tm.everesttech.net
script.hotjar.com
secure.adnxs.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
t.co
tag.simpli.fi
um.simpli.fi
us-u.openx.net
vars.hotjar.com
widget.trustpilot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.mdlive.com
www.redditstatic.com
104.111.241.218
104.209.240.184
104.244.42.131
104.244.42.133
13.226.132.55
13.226.132.59
13.226.132.6
13.226.132.62
13.226.132.93
136.144.49.28
137.116.88.213
151.101.12.157
151.101.14.49
159.253.128.183
169.50.137.176
172.217.18.98
172.217.21.230
184.30.210.81
185.33.221.11
185.33.221.52
185.94.180.125
192.28.147.68
199.232.53.140
216.52.2.48
2600:1901:0:8eee::
2600:1f18:612b:4200:cb3:5c60:7c23:c0c7
2600:9000:21f3:1a00:12:de4a:40:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2003
2a00:1450:4001:815::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2004
2a00:1450:400c:c07::9d
2a02:26f0:eb:389::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
3.228.45.187
34.120.207.148
34.245.253.34
34.251.150.2
35.227.248.159
35.244.159.8
52.205.51.47
52.28.175.104
54.84.142.222
69.173.144.165
06669cd3df9241d9928a3b0ccb60a1ad8102ce92e3ceceb8fe50ce7f4e1bbb8c
0a89450e934973680286a1f5ecceb65c4bc556acf5c583aabcee01abd0e85364
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bfb81a6d3e2ed2e0cb381a9f933355ff00e64cd0d80724e83559861cad12711
0cd521c64f50e661c1475b5f86d060d1fdd5ea9a206de54e651b1c78d603f599
0d2d7e85399aa43acafd1d28d9bcf0cca0b49b846c38cd0a536238905cae5848
0e91871372fcdd2a591971fe2ed042d4d4f59eee7fcc48fd4fe4b49ca54d7a66
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
170f0d4d087ca7e21adda2b229c0a16356f26a0c539b2d9f4b58c6653e5c1c9e
1974cd2dee96bee2dc81d1337b0488cedb74fbabb3cab7a84df1ec9b88150e4c
1ea85b5ea45b6d3cca4aaa0366056317429880d17b0f35b706ffb131065d4007
24a937f98bc8d0855167c0bbfc9a36d0afc5e2b1f0d68765579b608f14e94fa8
28a3d5d134944b852f4e058a11bbb020478ae88c60959fa99beb4277e93f6f98
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3cc09be32486a363f6a7ed6789e2c7e75bdf0afb57bd963f2aef30789add703c
3e12467e28930e42e5afbbdf80f8ccd92d68aec0220a877c0f1741130be901c3
3e910002f6fa48e39cd00342fa66d47baf15b133c052fab95d80da3435c34406
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42a9e3f1e7b5d109055eb9011ecdacec88c2af7ee7314c3a148054e1273228fb
44a34cd39241e4f794cf57a57c245d32f3d1eab5f4e7a015e2352defb953e42a
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
464b6c89ae6661dc3baa1da2cf4f8065769221fcebc72643066b1ff1a00f5b03
495e76ed492babf779ec2870c71fa569abb6093077f79d4b51dd49e75fa49461
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4df1647df2c3a8a47bde198279be155f67bfca8f11dcc65ca93ad6acecec64dc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5af3c0da60b72ee282edb170e04a8a0ec199889bd6a29dbbaa7243cb270b636c
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5fad686deb42dc586c108430819062296223ceac28edc875cf3b6e867e5b0958
60233cee5eb1a9e306de23d10c095d462909c3462f185071807a38bcd4b7906a
612e64e15e252f7cc22a28d1ccded5585d1727831b9042f78b41e7a83de6701f
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
634f472cfe6c39faea070feb2c8385c6f7665486c469c1be18f9bb1ab0d3087a
6b2a18542ff1f5ef15dfda0cc4cd92b53bc97632a22d75ff69eb2fd9c5aa9f7d
6bd0d992f446995de1c16447dd34bfe6d77da71b1f43769dfaa0e70ef50a2dc5
6ed02744934d3e4bbfb307f52035b0cc325702d1dc609357a54ebaeba0805c32
7697fbe7f36e4c7b429f6fc20d0b8c8bb2aa0fa91d4632c47c4b02b8661ffccb
80ccbb83020338bcbf259b3b559ecb1ae6b7f58b6d9cb1530090e6d5c65cfac0
814e1617c3adb8805acdd0e303ae915ed4667e1d49d2aa0cb56e6b2852317d47
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e465488c16a0c9bc0990c61f315ffcac85f5f0a9dd64b95bdbe938c38d75fe4
94f95680a2769d0a94efe0077ea15583bdc86511b517a57607dcd9b9bc4ef5ed
965e62c2f6aa462322f26bc70af64e5401362bb5a3eaf85a4a78054881386439
9c98c1a2b89364898cd8b0de5569416e4c8d2e678f8b47dfeda6fca4b1572ed0
9e4dc0c3e1e6ccc1c4b33db7be06333bc7ee43a805eda864504de5029286bac1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16c2bf1b21db196ddf564a979a6a1b8d9c2386427888f057a2c7185c85239de
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0ec6e1991c23e0fec8b87a12f443204d0542636f2b7d9fb53ab3f717204477f
b99a9b64168a2e141163b44e82c06e6b665ea9c3d915097cbaac4c56d75c6bfe
b9f51ececf8aad25ad848b7a4fe8f70e28cf22a191f0496c372153d7d5e295dc
ba9d1d0e3123dba66c9939c08075040493a619c59dba2cc70adc1507d2fe35d8
baa2f32c640708e002ae8322e3d050fe87688b8ff9946b6a96bd941ea5302297
badc5c8990e8152494d92a35fed69023f6382953a43dd9114ccd386f0d02b32f
bda21a5491383f4cf645c6e53e5709e4b274db2db78075db34fb03d8a4cf0ddc
c3988297cfc3ce9cd5d8d05dde5ef27f1b07aeb368c5a52e0df0dd375a9f28b8
c538ad9de986e696badab23a1db5d02058ff318d765419907700fd816dc95821
c5741c28b6cb20aedd60d64973e806ee01f5540e752f6c0302910ac44bf9c54a
c610a819f81cbc2477f47be3457a81b66db2ecc6dd6429a6daf70870a01f08bd
caaf25eb519d18f30c6dbb805e16f74c71174d30343e39f3337a0358a84d760f
cb6380a3f56c908096d522da2f2ed2e16cf9cce994f21c723a3fca3309043c48
ce03a5a38508b740a2b809a760d838251b1ff55388256c168384f1e35f3b9a6c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cffc573bb349054cbbe8ff16713e646774262ae4810202c7421dae2bf5f8a38e
da6b4aa6b54043adf04b48efc5d79af9b516d6c35b78464b5cd6b4afc815036d
ddfb264635e0c54279c8701481c7f09dafb142da7442392de79e8db351416aa5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3e62eea3d8ce417cd7d88eff0f1c0864dd0865df26f2fc8fae4d43adb80e0c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e88e0ed354170d8b73435fadf714ab8fff7c00b985295495d146b5eb92dc3e50
eae41e70620c848bdd9b3b8578e227513b2bf3d8594b810e9eabf1928701a396
eee9135989bba24c31044b847bffc08adf067189f23216fe26234ff7fe0416a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

mdlnext.mdlive.com Open in urlscan Pro 137.116.88.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

38 %IPv6

43 Domains

56 Subdomains

50 IPs

6 Countries

1848 kBTransfer

3634 kBSize

21 Cookies

48 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mdlnext.mdlive.com Open in urlscan Pro
137.116.88.213 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

38 %
IPv6

43
Domains

56
Subdomains

50
IPs

6
Countries

1848 kB
Transfer

3634 kB
Size

21
Cookies

117 HTTP transactions
0 data transactions