health.getroman.com Open in urlscan Pro
2606:4700::6811:b834 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesk...
Submission: On June 14 via manual (June 14th 2019, 6:40:30 pm UTC) from US

Summary HTTP 35 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 16 domains to perform 35 HTTP transactions. The main IP is 2606:4700::6811:b834, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is health.getroman.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on January 11th 2019. Valid for: 6 months.

This is the only time health.getroman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6811:b834	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6813:c397	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:10:... 2606:4700:10::6814:3f60	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	147.75.204.215 147.75.204.215	54825 (PACKET) (PACKET - Packet Host)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	147.75.83.1 147.75.83.1	54825 (PACKET) (PACKET - Packet Host)
1 3	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	151.101.0.217 151.101.0.217	54113 (FASTLY) (FASTLY - Fastly)
1	147.75.205.49 147.75.205.49	54825 (PACKET) (PACKET - Packet Host)
1 2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f01... 2a03:2880:f01c:202:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
35	16

16 2606:4700::6811:b834 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

health.getroman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c397 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:3f60 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.204.215 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-22

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.83.1 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-23

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.217 (United States)

ASN54113 (FASTLY - Fastly, US)

player.vimeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.205.49 (Chicago, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-26

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:202:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	getroman.com health.getroman.com	359 KB
3	google-analytics.com 1 redirects www.google-analytics.com	44 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	91 KB
3	facebook.net connect.facebook.net	89 KB
2	facebook.com 1 redirects www.facebook.com	567 B
2	mouseflow.com 1 redirects cdn.mouseflow.com	835 B
2	legitscript.com static.legitscript.com	21 KB
1	atdmt.com cx.atdmt.com	406 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	190 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	159 B
1	vimeo.com player.vimeo.com	6 KB
1	youtube.com www.youtube.com
1	googletagmanager.com www.googletagmanager.com	25 KB
1	fontawesome.com use.fontawesome.com	370 KB
1	cloudflare.com cdnjs.cloudflare.com	17 KB
35	16

	Domain	Requested by
16	health.getroman.com	health.getroman.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	health.getroman.com connect.facebook.net
2	www.facebook.com	1 redirects health.getroman.com
2	cdn.mouseflow.com	1 redirects health.getroman.com
2	static.legitscript.com	health.getroman.com
1	cx.atdmt.com
1	www.google.de	health.getroman.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	player.vimeo.com	health.getroman.com
1	script.hotjar.com	static.hotjar.com
1	www.youtube.com	health.getroman.com
1	static.hotjar.com	health.getroman.com
1	www.googletagmanager.com	health.getroman.com
1	use.fontawesome.com	health.getroman.com
1	cdnjs.cloudflare.com	health.getroman.com
35	18

This site contains links to these domains. Also see Links.

Domain
start.ro.co
www.getroman.com
legitscript.com

Subject Issuer	Validity	Valid
ssl820224.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-11` - `2019-07-20`	6 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
ssl513990.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-16` - `2019-09-22`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-07-21`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
*.mouseflow.com COMODO RSA Domain Validation Secure Server CA	`2017-04-25` - `2020-05-09`	3 years	crt.sh
*.vimeo.com DigiCert SHA2 Secure Server CA	`2018-08-24` - `2020-04-02`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2019-06-08` - `2019-09-06`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-05-27` - `2019-08-25`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Frame ID: 1B91CACB1B47C382F63D6E29582EE8E1
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fivod4sawc0?rel=0&controls=0&showinfo=0
Frame ID: 1FB33DFC94AB33ABFC0094A178CA99B1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Frame ID: FDF8CFB5DEE21547F5FA5947C14D0354
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /authenticity_token/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /moment(?:\.min)?\.js/i
env /^moment$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

35
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

1023 kB
Transfer

2802 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://start.ro.co/roman/ed/?c=5d22aa9efe8abd225161f8a9bd48a329
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.getroman.com/drugs/viagra/#ISI
Title: IMPORTANT SAFETY INFORMATION

Search URL Search Domain Scan URL

URL: https://www.getroman.com/drugs/cialis/#ISI
Title: IMPORTANT SAFETY INFORMATION

Search URL Search Domain Scan URL

URL: https://www.getroman.com/romanhood
Title: BLOG

Search URL Search Domain Scan URL

URL: https://www.getroman.com/condition/erectile-dysfunction/
Title: ERECTILE DYSFUNCTION

Search URL Search Domain Scan URL

URL: https://www.getroman.com/drugs/erectile-dysfunction/
Title: MEDICATION

Search URL Search Domain Scan URL

URL: https://www.getroman.com/drugs/viagra/
Title: SILDENAFIL (VIAGRA)

Search URL Search Domain Scan URL

URL: https://www.getroman.com/drugs/cialis/
Title: TADALAFIL (CIALIS)

Search URL Search Domain Scan URL

URL: https://www.getroman.com/guides/
Title: MEDICAL GUIDES

Search URL Search Domain Scan URL

URL: https://www.getroman.com/our-story/
Title: OUR STORY

Search URL Search Domain Scan URL

URL: https://www.getroman.com/our-story/#leadership-team
Title: LEADERSHIP

Search URL Search Domain Scan URL

URL: https://www.getroman.com/press/
Title: PRESS

Search URL Search Domain Scan URL

URL: https://www.getroman.com/jobs/
Title: JOBS

Search URL Search Domain Scan URL

URL: https://www.getroman.com/roman-stories/
Title: MEMBER STORIES

Search URL Search Domain Scan URL

URL: http://legitscript.com/pharmacy/getroman.com

Search URL Search Domain Scan URL

URL: https://www.getroman.com/terms/
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.getroman.com/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.getroman.com/
Title: Full site

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93.js HTTP 301
https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93_eu.js

Request Chain 32

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1814242998&t=pageview&_s=1&dl=https%3A%2F%2Fhealth.getroman.com%2Fedmedication-visit%2F1%3Fro_ch%3Dpubs%26ro_p%3Deverflow%26ro_con%3D0%26ro_c%3D177%26ro_g%3D25%26ro_t%3DPCH%26ro_n%3Dsweepsdesktop%26ro_d%3DPC%26utm_source%3DPCH%26utm_medium%3Dpubs%26utm_campaign%3DPCH_sweepsdesktop_EDLPallromanrx&ul=en-us&de=UTF-8&dt=E.D.%20treatments%20prescribed%20online.%20Delivered%20to%20your%20door&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBACUADR~&jid=29907135&gjid=459067085&cid=1325834621.1560537615&tid=UA-97117869-1&_gid=2019256286.1560537615&_r=1&gtm=2ou651&z=410622903 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_gid=2019256286.1560537615&gjid=459067085&_v=j76&z=410622903 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903&slf_rd=1&random=4232308634

Request Chain 33

https://www.facebook.com/tr/?id=1128849913884733&ev=Microdata&dl=https%3A%2F%2Fhealth.getroman.com%2Fedmedication-visit%2F1%3Fro_ch%3Dpubs%26ro_p%3Deverflow%26ro_con%3D0%26ro_c%3D177%26ro_g%3D25%26ro_t%3DPCH%26ro_n%3Dsweepsdesktop%26ro_d%3DPC%26utm_source%3DPCH%26utm_medium%3Dpubs%26utm_campaign%3DPCH_sweepsdesktop_EDLPallromanrx&rl=&if=false&ts=1560537616857&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22E.D.%20treatments%20prescribed%20online.%20Delivered%20to%20your%20door%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.52&r=stable&ec=1&o=30&fbp=fb.1.1560537615351.1390515694&it=1560537614957&coo=false&es=automatic&rqm=GET HTTP 302
https://cx.atdmt.com/?c=3754443992195154434&f=AYwo0Ezb4Ho0O8ym-MIKRaH0vYTXIopNRRdIElWS5yvP7Elt9IDPEDOsYT8WeWKyYWo-_JP3E5Qkr5k0KJKjhwAc&id=1128849913884733&l=3&v=0

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1 Show response
health.getroman.com/edmedication-visit/ 18 KB
7 KB 577ms
496ms Document
text/html 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

d43c5d93bd97545ccfd540e677c477a9b95d6f0dcacf41802fbb72a36d523a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: health.getroman.com
:scheme: https
:path: /edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Jun 2019 18:40:14 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d403c39a53de998d962ca5f1f7a114a051560537614; expires=Sat, 13-Jun-20 18:40:14 GMT; path=/; domain=.getroman.com; HttpOnly _roman_session=MDZISlJNMTNyQnVoUFJPNUgvanNCRkdzZmh3dk1YRWRnZEs5ZXhZWXowNlhGSno2WjQ4bU5qaU5qYjZQT0dCci9Pbm1NM0Urb1ZleEo0ZXQ0WXFnM25Qd3Q3Tysra0gvTThBMGZmTkt4cVNlZ3VhSklxL2FuWnZ6NHhhMTBSUUJwNFMwRU1KbEs0SmdCRmphMlY4Z0VBPT0tLTE3L3d5RXRWV3ByYW5KM3V3SWxhTnc9PQ%3D%3D--460bb8d2138d177ea4d490cabf88364b826a07e3; path=/; secure; HttpOnly
cache-control: max-age=0, private, must-revalidate
cf-railgun: direct (starting new WAN connection)
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 vegur
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-request-id: 6db4f881-74af-49bf-a83a-360273eca2e6
x-runtime: 0.012941
x-xss-protection: 1; mode=block
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4e6e6e7799519766-FRA
content-encoding: gzip

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/ 50 KB
17 KB 40ms
15ms Script
application/javascript 2606:4700::6813:c397
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment.min.js

Requested by

Host: health.getroman.com
URL: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c397 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Origin: https://health.getroman.com

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Fri, 01 Jun 2018 07:15:48 GMT
server: cloudflare
etag: W/"5b10f2a4-c9df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 03 Jun 2020 18:40:14 GMT
cache-control: public, max-age=30672000
cf-ray: 4e6e6e7afc9b64a9-FRA
served-in-seconds: 0.011

GET
H2 200 application-152e41ba99d03f1110e0bf2037ce34ce9c4f2ad55b556d917e1aa4cae11b0820.css
health.getroman.com/assets/ 390 KB
45 KB 59ms
59ms Stylesheet
text/css 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://health.getroman.com/assets/application-152e41ba99d03f1110e0bf2037ce34ce9c4f2ad55b556d917e1aa4cae11b0820.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaebb2cd443e69ae14587eef615d651713d4747e85e22f43eb3943fb1c25963

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: origSize=402567
status: 200
last-modified: Wed, 12 Jun 2019 21:23:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31459483
cf-ray: 4e6e6e7adda59766-FRA
expires: Fri, 12 Jun 2020 21:24:57 GMT

GET
H2 200 all.js Show response
use.fontawesome.com/releases/v5.1.0/js/ 893 KB
370 KB 12ms
11ms Script
application/javascript 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/js/all.js
Requested by: Host: health.getroman.com
URL: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Origin: https://health.getroman.com

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: gzip
last-modified: Wed, 20 Jun 2018 20:19:20 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"004993df80280fa6c4af6ca17c4e5433"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 65 KB
25 KB 59ms
56ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97117869-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bb2d088b0a1dcd6ee008607b3a5e93720c9fad01a78e813d15e6da7ee2a8c8c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: br
last-modified: Thu, 13 Jun 2019 17:57:39 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 25380
x-xss-protection: 0
expires: Fri, 14 Jun 2019 18:40:14 GMT

GET
H2 200 application-91e266dec731334d55bfcfd6c4b9f4eeefad5e5786a66511f57ed353a13e2a71.js Show response
health.getroman.com/assets/ 165 KB
51 KB 49ms
48ms Script
application/javascript 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://health.getroman.com/assets/application-91e266dec731334d55bfcfd6c4b9f4eeefad5e5786a66511f57ed353a13e2a71.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8b8bbf167c9709d38f57601b5523f65a95572def7b27983516fe26ff4fe42d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
cf-polished: origSize=168640
status: 200
last-modified: Mon, 04 Mar 2019 20:39:57 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31347681
cf-ray: 4e6e6e7addab9766-FRA
expires: Thu, 11 Jun 2020 14:21:35 GMT

GET
H2 200 logo-76ffbe5644b9fd6eda2d4aa46aceae85bc699e5b8debc4fee3c362f3f4bc8fbe.png
health.getroman.com/assets/ 6 KB
6 KB 17ms
16ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/logo-76ffbe5644b9fd6eda2d4aa46aceae85bc699e5b8debc4fee3c362f3f4bc8fbe.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

76ffbe5644b9fd6eda2d4aa46aceae85bc699e5b8debc4fee3c362f3f4bc8fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 21:04:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31346959
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6e949766-FRA
content-length: 5844
expires: Thu, 11 Jun 2020 14:09:33 GMT

GET
H2 200 product-hero-4635ac7438a59086915a9be9203bc1e8e27bb72c0eee0a0f81a5ee01f88dc122.png
health.getroman.com/assets/global/ 94 KB
94 KB 23ms
23ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/product-hero-4635ac7438a59086915a9be9203bc1e8e27bb72c0eee0a0f81a5ee01f88dc122.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4635ac7438a59086915a9be9203bc1e8e27bb72c0eee0a0f81a5ee01f88dc122

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31347461
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6e9d9766-FRA
content-length: 96119
expires: Thu, 11 Jun 2020 14:17:55 GMT

GET
H2 200 menshealth-1556e9367b273fb4ddc1f21c6ae4a35d31cb85ff84f1f8b2bc782909c47c6b0a.png
health.getroman.com/assets/global/ 2 KB
2 KB 19ms
18ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/menshealth-1556e9367b273fb4ddc1f21c6ae4a35d31cb85ff84f1f8b2bc782909c47c6b0a.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1556e9367b273fb4ddc1f21c6ae4a35d31cb85ff84f1f8b2bc782909c47c6b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31459482
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6ea09766-FRA
content-length: 2183
expires: Fri, 12 Jun 2020 21:24:56 GMT

GET
H2 200 newyorktimes-3139a754001d41bd5f8e8c1f0a95a387e7101dee1fa57e659c01112bc42e3c29.png
health.getroman.com/assets/global/ 3 KB
3 KB 21ms
21ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/newyorktimes-3139a754001d41bd5f8e8c1f0a95a387e7101dee1fa57e659c01112bc42e3c29.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3139a754001d41bd5f8e8c1f0a95a387e7101dee1fa57e659c01112bc42e3c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31346959
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6ea49766-FRA
content-length: 3249
expires: Thu, 11 Jun 2020 14:09:33 GMT

GET
H2 200 techcrunch-18595e34b8409a0f3a873f71d207bbe549145df99437cb95129be64d7aaeabab.png
health.getroman.com/assets/global/ 2 KB
2 KB 28ms
27ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/techcrunch-18595e34b8409a0f3a873f71d207bbe549145df99437cb95129be64d7aaeabab.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

18595e34b8409a0f3a873f71d207bbe549145df99437cb95129be64d7aaeabab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31348217
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6ea69766-FRA
content-length: 1561
expires: Thu, 11 Jun 2020 14:30:31 GMT

GET
H2 200 fastcompany-3c24666b8125ce177fdba7b3ec8344485ed61613764bad1c7d949cae2a85e60e.png
health.getroman.com/assets/global/ 3 KB
3 KB 16ms
15ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/fastcompany-3c24666b8125ce177fdba7b3ec8344485ed61613764bad1c7d949cae2a85e60e.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c24666b8125ce177fdba7b3ec8344485ed61613764bad1c7d949cae2a85e60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31347681
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6ea89766-FRA
content-length: 3416
expires: Thu, 11 Jun 2020 14:21:35 GMT

GET
H2 200 forbes-2eb2b8c70d6464c959d1422b783e38f08d4d585b395be9cb35a9782d34b2fc24.png
health.getroman.com/assets/global/ 2 KB
2 KB 49ms
49ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/forbes-2eb2b8c70d6464c959d1422b783e38f08d4d585b395be9cb35a9782d34b2fc24.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb2b8c70d6464c959d1422b783e38f08d4d585b395be9cb35a9782d34b2fc24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31347681
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6eaf9766-FRA
content-length: 1771
expires: Thu, 11 Jun 2020 14:21:35 GMT

GET
H2 200 lifehacker-161306004f546bc4babbd5b227be9a697356b4a4b3c45c91b9dd9204bca69baf.png
health.getroman.com/assets/global/ 2 KB
2 KB 57ms
57ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/lifehacker-161306004f546bc4babbd5b227be9a697356b4a4b3c45c91b9dd9204bca69baf.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

161306004f546bc4babbd5b227be9a697356b4a4b3c45c91b9dd9204bca69baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31347681
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6eb69766-FRA
content-length: 1632
expires: Thu, 11 Jun 2020 14:21:35 GMT

GET
H2 200 press-mobile-98b8157ec281a88d5c5f94ff614194f5a28936f74a95a4bcb817baddbe57066c.png
health.getroman.com/assets/global/ 14 KB
14 KB 33ms
33ms Image
image/png 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/press-mobile-98b8157ec281a88d5c5f94ff614194f5a28936f74a95a4bcb817baddbe57066c.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98b8157ec281a88d5c5f94ff614194f5a28936f74a95a4bcb817baddbe57066c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=31347461
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6eba9766-FRA
content-length: 14770
expires: Thu, 11 Jun 2020 14:17:55 GMT

GET
H2 200 stars-0561717b6a16956417b58bda69c7f7937bd267f76fc152c3e83cb06fbd020e57.svg
health.getroman.com/assets/global/ 4 KB
708 B 56ms
56ms Image
image/svg+xml 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/global/stars-0561717b6a16956417b58bda69c7f7937bd267f76fc152c3e83cb06fbd020e57.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

0561717b6a16956417b58bda69c7f7937bd267f76fc152c3e83cb06fbd020e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 17 Apr 2019 21:06:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
content-encoding: gzip
cache-control: public, max-age=31347681
strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 4e6e6e7b6ebd9766-FRA
expires: Thu, 11 Jun 2020 14:21:35 GMT

GET
H2 200 footer-542ee6358a7c3dd606af168d07201690585fddb8e249ad61b4f012d60eac681c.jpg
health.getroman.com/assets/shared/ 82 KB
82 KB 56ms
56ms Image
image/jpeg 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://health.getroman.com/assets/shared/footer-542ee6358a7c3dd606af168d07201690585fddb8e249ad61b4f012d60eac681c.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

542ee6358a7c3dd606af168d07201690585fddb8e249ad61b4f012d60eac681c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Fri, 05 Apr 2019 13:52:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31346756
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7b6ec29766-FRA
content-length: 84212
expires: Thu, 11 Jun 2020 14:06:10 GMT

GET
H2 200 2726864.js Show response
static.legitscript.com/seals/ 335 B
584 B 232ms
64ms Script
application/javascript 2606:4700:10::6814:3f60
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.legitscript.com/seals/2726864.js
Requested by: Host: health.getroman.com
URL: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3f60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a5ce07eeccb0b087d18d3fd0deec89ab61f80e11ad7a9ea6ecbb2c2bacd6da8

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2019 18:01:33 GMT
server: cloudflare
etag: W/"5d03e0fd-14f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 4e6e6e7c2c94975a-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 83 KB
21 KB 17ms
17ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2367e6e23a85f8f930a2cb42cd0c8c81ccb3b80a1e5654667fadc01222808659

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 21518
x-xss-protection: 0
pragma: public
x-fb-debug: FeHmrYndQE+lf4uj0pegVkPv6o/w+Vrx5jBdRVtP4rgQt/JuTzjKLTuotqWXj/BWfhbtcwm5t0v2NOXnUf7reQ==
date: Fri, 14 Jun 2019 18:40:14 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1259188.js Show response
static.hotjar.com/c/ 3 KB
2 KB 31ms
30ms Script
application/javascript 147.75.204.215
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1259188.js?sv=6

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.204.215 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-22

Software

openresty /

Resource Hash

edf367bac3142d5bba570b1a72d63e99b9761e4bbfef9ff03bc641b62593f494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 315
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1722
x-cache-hit: 1
server: openresty
x-frame-options: SAMEORIGIN
etag: W/750d66ebf4977b5e91a48d493315c87e
access-control-max-age: 600
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.076
accept-ranges: bytes
section-io-id: 57abfe3de9e2c81dc4ca4552d1db4341

GET
H2 200 fivod4sawc0
www.youtube.com/embed/ Frame 1FB3 0
0 138ms
136ms Document
text/html 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/fivod4sawc0?rel=0&controls=0&showinfo=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/fivod4sawc0?rel=0&controls=0&showinfo=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx

Response headers

status: 200
strict-transport-security: max-age=31536000
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
cache-control: no-cache
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2019 18:40:14 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=I4ueq09Sl3Y; path=/; domain=.youtube.com; expires=Wed, 11-Dec-2019 18:40:14 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Fri, 14-Jun-2019 19:10:14 GMT PREF=f1=50000000; path=/; domain=.youtube.com; expires=Thu, 13-Feb-2020 06:33:14 GMT VISITOR_INFO1_LIVE=I4ueq09Sl3Y; path=/; domain=.youtube.com; expires=Wed, 11-Dec-2019 18:40:14 GMT; httponly YSC=d815RMy9BYI; path=/; domain=.youtube.com; httponly
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 gibson-regular-webfont-1f193dc5481c17d72a53a9ca23329ea2e848c5f9c13387c9aeee73a35409b51d.woff2
health.getroman.com/assets/ 23 KB
23 KB 18ms
17ms Font
application/font-woff2 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://health.getroman.com/assets/gibson-regular-webfont-1f193dc5481c17d72a53a9ca23329ea2e848c5f9c13387c9aeee73a35409b51d.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f193dc5481c17d72a53a9ca23329ea2e848c5f9c13387c9aeee73a35409b51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/assets/application-152e41ba99d03f1110e0bf2037ce34ce9c4f2ad55b556d917e1aa4cae11b0820.css
Origin: https://health.getroman.com

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 21:04:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31346959
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7c4fe09766-FRA
content-length: 23300
expires: Thu, 11 Jun 2020 14:09:33 GMT

GET
H2 200 gibson-semibold-webfont-42ddb64a692680c6d8760c6f062059d1de7052eebf847eea4ea7a8c272632cd6.woff2
health.getroman.com/assets/ 23 KB
23 KB 31ms
30ms Font
application/font-woff2 2606:4700::6811:b834
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://health.getroman.com/assets/gibson-semibold-webfont-42ddb64a692680c6d8760c6f062059d1de7052eebf847eea4ea7a8c272632cd6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b834 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42ddb64a692680c6d8760c6f062059d1de7052eebf847eea4ea7a8c272632cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/assets/application-152e41ba99d03f1110e0bf2037ce34ce9c4f2ad55b556d917e1aa4cae11b0820.css
Origin: https://health.getroman.com

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
via: 1.1 vegur
cf-cache-status: HIT
last-modified: Wed, 04 Apr 2018 21:04:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31348217
strict-transport-security: max-age=15552000; includeSubDomains
accept-ranges: bytes
cf-ray: 4e6e6e7c4fe39766-FRA
content-length: 23216
expires: Thu, 11 Jun 2020 14:30:31 GMT

GET
H2 200 1128849913884733 Show response
connect.facebook.net/signals/config/ 292 KB
67 KB 126ms
125ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1128849913884733?v=2.8.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e16a3bbcd741bf456061a26cbcbdca69927f65234936dc233719dd45a58dda2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: MQF6mCvQi/AgggszPFN66spxsAfbxKa3P+C23CyL0UYWmovLRQ4cirJ7gBzeCfwSae0kAAK9QxWQO8OnYND3Gg==
date: Fri, 14 Jun 2019 18:40:15 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.c00c9d4b7fafb51fcbbc.js Show response
script.hotjar.com/ 425 KB
89 KB 41ms
40ms Script
application/javascript 147.75.83.1
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.c00c9d4b7fafb51fcbbc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1259188.js?sv=6

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.83.1 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),

Reverse DNS

pkt-ams-k1-23

Software

Resource Hash

880cb22e04d633eff1f9d65c37c114c6e73e838581ab500b112472cdb9fa504d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jun 2019 13:02:40 GMT
access-control-allow-origin: *
etag: W/"f0e0a81241a99c3da3ef2876bbbe52f3"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.025
section-io-origin-status: 200
accept-ranges: bytes
section-io-id: 2324af27e593c1b71acba9d8e811d34b
content-length: 90731

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97117869-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 6111
date: Fri, 14 Jun 2019 16:58:24 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Fri, 14 Jun 2019 18:58:24 GMT

GET
H2 200 2726864.png
static.legitscript.com/seals/ 20 KB
21 KB 41ms
40ms Image
image/png 2606:4700:10::6814:3f60
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/2726864.png
Requested by: Host: health.getroman.com
URL: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:3f60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3674892437e2138b41992d5b066f99706f87266bf9a9e574d7c8bfc5cc8886e

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:15 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2019 18:01:33 GMT
server: cloudflare
etag: "5d03e0fd-5193"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
accept-ranges: bytes
cf-ray: 4e6e6e7eafc9975a-FRA
content-length: 20883

GET
H2

200

0e85af89-f224-4a34-a84d-bde15962ad93_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93.js
https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93_eu.js

802 B
683 B

7ms
7ms

Script
application/javascript

23.111.9.38
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93_eu.js
Requested by: Host: health.getroman.com
URL: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 03abf24869fdb7dabfa3c74dfa142840d34ee0ff0c7fd5412e4a62f1f6643a72

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:15 GMT
content-encoding: gzip
last-modified: Wed, 29 May 2019 23:46:41 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"1c26b1c37816d51:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=86400

Redirect headers

status: 301
date: Fri, 14 Jun 2019 18:40:15 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/0e85af89-f224-4a34-a84d-bde15962ad93_eu.js
content-type: text/html

GET
H/1.1 200
OK player.js Show response
player.vimeo.com/api/ 16 KB
6 KB 44ms
7ms Script
application/javascript 151.101.0.217
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vimeo.com/api/player.js?_=1560537614725

Requested by

Host: health.getroman.com
URL: https://health.getroman.com/assets/application-91e266dec731334d55bfcfd6c4b9f4eeefad5e5786a66511f57ed353a13e2a71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.217 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3762ff1eeb925c3fbf76df558584273041accd4f642c590de747d1fa21c12f27

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Varnish-Cache: 0
Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 854
Via: 1.1 varnish, 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
P3p: CP="This is not a P3P policy! See https://vimeo.com/privacy"
X-Cache-Hits: 1, 1563
Connection: keep-alive
X-VServer: infra-playproxy-a-3
Content-Length: 5185
X-Xss-Protection: 1; mode=block
X-Served-By: cache-bwi5135-BWI, cache-hhn1529-HHN
X-Vimeo-DC: ge
Server: nginx
X-Timer: S1560537615.281224,VS0,VE0
Date: Fri, 14 Jun 2019 18:40:15 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges: bytes
Expires: Fri, 14 Jun 2019 18:56:01 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 76 KB
27 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-M5JX8ZN&t=gtag_UA_97117869_1&cid=1325834621.1560537615

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db44d8bdb3f2205de9f333625c3ffb1c4b729915b6671f5395dbff3574bb0035

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:15 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 26889
x-xss-protection: 0
expires: Fri, 14 Jun 2019 18:40:15 GMT

GET
H2 200 box-90f3a29ef7448451db5af955688970d7.html
vars.hotjar.com/ Frame FDF8 0
0 64ms
63ms Document
text/html 147.75.205.49
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-90f3a29ef7448451db5af955688970d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1259188.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.205.49 Chicago, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-26
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-90f3a29ef7448451db5af955688970d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx

Response headers

status: 200
date: Fri, 14 Jun 2019 18:40:15 GMT
content-type: text/html
content-length: 967
cache-control: max-age=31536000
last-modified: Tue, 30 Apr 2019 14:57:42 GMT
section-io-origin-status: 200
section-io-origin-time-seconds: 0.049
etag: W/"90f3a29ef7448451db5af955688970d7"
content-encoding: gzip
vary: Accept-Encoding
accept-ranges: bytes
section-io-id: e0275abbb0c593a8a24fd7e75befe1a0

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 1 KB
898 B 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.8.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 772
x-xss-protection: 0
pragma: public
x-fb-debug: yu7B3nobOGzz3N4ydc/kPG2vAZi+75MO5Mqh6q9ZXYCjBJwpbNxj0XOOtmOJEch3euWnFZKfrwlELVGDJS/1Fw==
date: Fri, 14 Jun 2019 18:40:15 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 11ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1128849913884733&ev=PageView&dl=https%3A%2F%2Fhealth.getroman.com%2Fedmedication-visit%2F1%3Fro_ch%3Dpubs%26ro_p%3Deverflow%26ro_con%3D0%26ro_c%3D177%26ro_g%3D25%26ro_t%3DPCH%26ro_n%3Dsweepsdesktop%26ro_d%3DPC%26utm_source%3DPCH%26utm_medium%3Dpubs%26utm_campaign%3DPCH_sweepsdesktop_EDLPallromanrx&rl=&if=false&ts=1560537615353&sw=1600&sh=1200&v=2.8.52&r=stable&ec=0&o=30&fbp=fb.1.1560537615351.1390515694&it=1560537614957&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 18:40:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 14 Jun 2019 18:40:15 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j76&a=1814242998&t=pageview&_s=1&dl=https%3A%2F%2Fhealth.getroman.com%2Fedmedication-visit%2F1%3Fro_ch%3Dpubs%26ro_p%3Deverflow%26ro_con%3D0%26ro_c...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_gid=2019256286.1560537615&gjid=459067085&_v=j76&z=410622903
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903&slf_rd=1&random=4232308634

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903&slf_rd=1&random=4232308634

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2019 18:40:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2019 18:40:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97117869-1&cid=1325834621.1560537615&jid=29907135&_v=j76&z=410622903&slf_rd=1&random=4232308634
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1128849913884733&ev=Microdata&dl=https%3A%2F%2Fhealth.getroman.com%2Fedmedication-visit%2F1%3Fro_ch%3Dpubs%26ro_p%3Deverflow%26ro_con%3D0%26ro_c%3D177%26ro_g%3D25%26...
https://cx.atdmt.com/?c=3754443992195154434&f=AYwo0Ezb4Ho0O8ym-MIKRaH0vYTXIopNRRdIElWS5yvP7Elt9IDPEDOsYT8WeWKyYWo-_JP3E5Qkr5k0KJKjhwAc&id=1128849913884733&l=3&v=0

42 B
406 B

82ms
38ms

Image
image/gif

2a03:2880:f01c:202:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=3754443992195154434&f=AYwo0Ezb4Ho0O8ym-MIKRaH0vYTXIopNRRdIElWS5yvP7Elt9IDPEDOsYT8WeWKyYWo-_JP3E5Qkr5k0KJKjhwAc&id=1128849913884733&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:202:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://health.getroman.com/edmedication-visit/1?ro_ch=pubs&ro_p=everflow&ro_con=0&ro_c=177&ro_g=25&ro_t=PCH&ro_n=sweepsdesktop&ro_d=PC&utm_source=PCH&utm_medium=pubs&utm_campaign=PCH_sweepsdesktop_EDLPallromanrx
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 14 Jun 2019 18:40:16 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2019 18:40:16 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=3754443992195154434&f=AYwo0Ezb4Ho0O8ym-MIKRaH0vYTXIopNRRdIElWS5yvP7Elt9IDPEDOsYT8WeWKyYWo-_JP3E5Qkr5k0KJKjhwAc&id=1128849913884733&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: d815RMy9BYI
.getroman.com/	1970-01-19 01:28:57	Name: _gat_gtag_UA_97117869_1 Value: 1
.youtube.com/	1970-01-19 01:28:59	Name: GPS Value: 1
.getroman.com/	1970-01-19 01:30:24	Name: _gid Value: GA1.2.2019256286.1560537615
.youtube.com/	1970-01-19 05:48:09	Name: VISITOR_INFO1_LIVE Value: I4ueq09Sl3Y
.getroman.com/	1970-01-19 03:38:33	Name: _fbp Value: fb.1.1560537615351.1390515694
.getroman.com/	1970-01-19 19:00:09	Name: _ga Value: GA1.2.1325834621.1560537615
health.getroman.com/	1969-12-31 23:59:59	Name: _hjCookieTest Value: 1
.youtube.com/	1970-01-19 07:19:35	Name: PREF Value: f1=50000000
health.getroman.com/	1969-12-31 23:59:59	Name: _roman_session Value: MDZISlJNMTNyQnVoUFJPNUgvanNCRkdzZmh3dk1YRWRnZEs5ZXhZWXowNlhGSno2WjQ4bU5qaU5qYjZQT0dCci9Pbm1NM0Urb1ZleEo0ZXQ0WXFnM25Qd3Q3Tysra0gvTThBMGZmTkt4cVNlZ3VhSklxL2FuWnZ6NHhhMTBSUUJwNFMwRU1KbEs0SmdCRmphMlY4Z0VBPT0tLTE3L3d5RXRWV3ByYW5KM3V3SWxhTnc9PQ%3D%3D--460bb8d2138d177ea4d490cabf88364b826a07e3
.getroman.com/	1970-01-19 10:14:33	Name: __cfduid Value: d403c39a53de998d962ca5f1f7a114a051560537614

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mouseflow.com
cdnjs.cloudflare.com
connect.facebook.net
cx.atdmt.com
health.getroman.com
player.vimeo.com
script.hotjar.com
static.hotjar.com
static.legitscript.com
stats.g.doubleclick.net
use.fontawesome.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
147.75.204.215
147.75.205.49
147.75.83.1
151.101.0.217
23.111.9.35
23.111.9.38
2606:4700:10::6814:3f60
2606:4700::6811:b834
2606:4700::6813:c397
2a00:1450:4001:806::200e
2a00:1450:4001:808::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::2004
2a00:1450:4001:81f::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:202:face:b00c:0:8c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
03abf24869fdb7dabfa3c74dfa142840d34ee0ff0c7fd5412e4a62f1f6643a72
0561717b6a16956417b58bda69c7f7937bd267f76fc152c3e83cb06fbd020e57
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1556e9367b273fb4ddc1f21c6ae4a35d31cb85ff84f1f8b2bc782909c47c6b0a
161306004f546bc4babbd5b227be9a697356b4a4b3c45c91b9dd9204bca69baf
18595e34b8409a0f3a873f71d207bbe549145df99437cb95129be64d7aaeabab
1f193dc5481c17d72a53a9ca23329ea2e848c5f9c13387c9aeee73a35409b51d
2367e6e23a85f8f930a2cb42cd0c8c81ccb3b80a1e5654667fadc01222808659
2eb2b8c70d6464c959d1422b783e38f08d4d585b395be9cb35a9782d34b2fc24
3139a754001d41bd5f8e8c1f0a95a387e7101dee1fa57e659c01112bc42e3c29
3762ff1eeb925c3fbf76df558584273041accd4f642c590de747d1fa21c12f27
3c24666b8125ce177fdba7b3ec8344485ed61613764bad1c7d949cae2a85e60e
42ddb64a692680c6d8760c6f062059d1de7052eebf847eea4ea7a8c272632cd6
4635ac7438a59086915a9be9203bc1e8e27bb72c0eee0a0f81a5ee01f88dc122
542ee6358a7c3dd606af168d07201690585fddb8e249ad61b4f012d60eac681c
566d12cf66ff3d64ed100bdf634ce4b2de1dfa8ce38006f1b50912594865c1ae
6a5ce07eeccb0b087d18d3fd0deec89ab61f80e11ad7a9ea6ecbb2c2bacd6da8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
76ffbe5644b9fd6eda2d4aa46aceae85bc699e5b8debc4fee3c362f3f4bc8fbe
880cb22e04d633eff1f9d65c37c114c6e73e838581ab500b112472cdb9fa504d
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
98b8157ec281a88d5c5f94ff614194f5a28936f74a95a4bcb817baddbe57066c
9bb2d088b0a1dcd6ee008607b3a5e93720c9fad01a78e813d15e6da7ee2a8c8c
cd1c301a8e7960a1786e2a959226b0b78b56dbea284bd114265f1662d6ca280e
d43c5d93bd97545ccfd540e677c477a9b95d6f0dcacf41802fbb72a36d523a15
db44d8bdb3f2205de9f333625c3ffb1c4b729915b6671f5395dbff3574bb0035
dcaebb2cd443e69ae14587eef615d651713d4747e85e22f43eb3943fb1c25963
e16a3bbcd741bf456061a26cbcbdca69927f65234936dc233719dd45a58dda2b
e3674892437e2138b41992d5b066f99706f87266bf9a9e574d7c8bfc5cc8886e
e8b8bbf167c9709d38f57601b5523f65a95572def7b27983516fe26ff4fe42d7
edf367bac3142d5bba570b1a72d63e99b9761e4bbfef9ff03bc641b62593f494
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

health.getroman.com Open in urlscan Pro 2606:4700::6811:b834 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

67 %IPv6

16 Domains

18 Subdomains

16 IPs

4 Countries

1023 kBTransfer

2802 kBSize

11 Cookies

18 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

health.getroman.com Open in urlscan Pro
2606:4700::6811:b834 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

67 %
IPv6

16
Domains

18
Subdomains

16
IPs

4
Countries

1023 kB
Transfer

2802 kB
Size

11
Cookies

35 HTTP transactions
0 data transactions