urlscan.io logo urlscan.io
SecurityTrails logo

www.2nd.md Open in urlscan Pro
52.27.123.54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.2nd.md/sweepstakes/unisys
Effective URL: https://www.2nd.md/sweepstakes/unisys
Submission: On January 12 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 4 countries across 19 domains to perform 43 HTTP transactions. The main IP is 52.27.123.54, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.2nd.md.
TLS certificate: Issued by Amazon on October 21st 2020. Valid for: a year.
This is the only time www.2nd.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 52.27.123.54 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.31.79.120 13335 (CLOUDFLAR...)
2 151.101.112.217 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.68.164.174 16509 (AMAZON-02)
1 13.225.80.58 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 13.224.94.10 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 13.224.94.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.94.105 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.203.1.140 16509 (AMAZON-02)
2 65.9.7.86 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
43 25
14    52.27.123.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-123-54.us-west-2.compute.amazonaws.com
www.2nd.md
1    2600:9000:2190:c400:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rlets.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.31.79.120 (United States)

ASN13335 (CLOUDFLARENET, US)
ping.kickfactory.com
2    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
1    2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    54.68.164.174 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-164-174.us-west-2.compute.amazonaws.com
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
1    13.225.80.58 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-58.fra2.r.cloudfront.net
static.hotjar.com
1    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    13.224.94.10 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-10.zrh50.r.cloudfront.net
cdn.chatbot.com
1    2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6811:80ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    13.224.94.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-93.zrh50.r.cloudfront.net
script.hotjar.com
1    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.94.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-94-105.zrh50.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hubspot.com
1    18.203.1.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
in.hotjar.com
2    65.9.7.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
capture-api.reachlocalservices.com
1    2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
Domain Requested by
14 www.2nd.md 1 redirects www.2nd.md
5 cdn.chatbot.com www.2nd.md
cdn.chatbot.com
2 capture-api.reachlocalservices.com cdn.rlets.com
2 www.google-analytics.com www.2nd.md
www.google-analytics.com
2 player.vimeo.com www.2nd.md
1 track.hubspot.com
1 in.hotjar.com script.hotjar.com
1 forms.hubspot.com js.hscollectedforms.net
1 www.google.de www.2nd.md
1 www.google.com www.2nd.md
1 stats.g.doubleclick.net www.google-analytics.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.2nd.md
1 static.hotjar.com www.2nd.md
1 9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com cdn.rlets.com
1 js.hs-scripts.com www.2nd.md
1 ping.kickfactory.com www.2nd.md
1 fonts.googleapis.com www.2nd.md
1 cdn.rlets.com www.2nd.md
43 24

This site contains links to these domains. Also see Links.

Domain
2nd.md
www.facebook.com
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
2nd.md
Amazon		 2020-10-21 -
2021-11-19		 a year crt.sh
*.rlets.com
DigiCert SHA2 High Assurance Server CA		 2018-01-26 -
2021-02-03		 3 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-18 -
2021-07-18		 a year crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-08-07 -
2021-04-24		 9 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
chatbot.com
Amazon		 2020-09-26 -
2021-10-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2020-07-27 -
2021-07-27		 a year crt.sh
*.reachlocalservices.com
DigiCert SHA2 High Assurance Server CA		 2018-01-26 -
2021-02-03		 3 years crt.sh

This page contains 5 frames:

Primary Page: https://www.2nd.md/sweepstakes/unisys
Frame ID: 106ED23EF3557E5A63E4723946A61387
Requests: 38 HTTP requests in this frame

Frame: https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Frame ID: A682FF9315BA4B145F2F6F70F7A4A55C
Requests: 1 HTTP requests in this frame

Frame: https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0
Frame ID: 49B6568539587446D652705464414F7F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 00B9A115AE6A08A4115B5FEBFC773C18
Requests: 1 HTTP requests in this frame

Frame: https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=670
Frame ID: D42467E97837F5260306BEF9C8E268FA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.2nd.md/sweepstakes/unisys HTTP 301
    https://www.2nd.md/sweepstakes/unisys Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

43
Requests

100 %
HTTPS

60 %
IPv6

19
Domains

24
Subdomains

25
IPs

4
Countries

1317 kB
Transfer

1879 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.2nd.md/sweepstakes/unisys HTTP 301
    https://www.2nd.md/sweepstakes/unisys Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request unisys
www.2nd.md/sweepstakes/
Redirect Chain
  • http://www.2nd.md/sweepstakes/unisys
  • https://www.2nd.md/sweepstakes/unisys
25 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
62db1cba067404434d101b5e06226af7b59625d2aa9637d40b6803fea8412784

Request headers

:method
GET
:authority
www.2nd.md
:scheme
https
:path
/sweepstakes/unisys
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=0dQGGS7DTZ3ev3X4T7nHrJshgyabU29G7V6WpSO7zHzEI9v8un24dMjCIS+dopN1cdMBX7XETVg6RVQnSb/Phf0obZGYzEn+FuCGVj5khvqSpVIrRAlOSa7w2NAE; Expires=Tue, 19 Jan 2021 14:12:13 GMT; Path=/ AWSALBCORS=0dQGGS7DTZ3ev3X4T7nHrJshgyabU29G7V6WpSO7zHzEI9v8un24dMjCIS+dopN1cdMBX7XETVg6RVQnSb/Phf0obZGYzEn+FuCGVj5khvqSpVIrRAlOSa7w2NAE; Expires=Tue, 19 Jan 2021 14:12:13 GMT; Path=/; SameSite=None; Secure csrftokencookie=473906934901f431a835b7a72ce15f30; expires=Tue, 12-Jan-2021 16:12:13 GMT; Max-Age=7200; path=/; secure;Secure;HttpOnly ci_session=7qqrpju8oou7b961j03bbrukgm2sp7ao; path=/; secure; HttpOnly;Secure;HttpOnly
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Origin

Redirect headers

Server
awselb/2.0
Date
Tue, 12 Jan 2021 14:12:12 GMT
Content-Type
text/html
Content-Length
134
Connection
keep-alive
Location
https://www.2nd.md:443/sweepstakes/unisys
jquery-3.5.1.js
www.2nd.md/assets/webLayout/js/ 		281 KB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/js/jquery-3.5.1.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
287630
vary
Origin
content-type
text/javascript
bootstrap.bundle.js
www.2nd.md/assets/webLayout/js/ 		218 KB
218 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/js/bootstrap.bundle.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
222911
vary
Origin
content-type
text/javascript
5014927a5dbf0855d40cd00.js
cdn.rlets.com/capture_configs/9f2/f60/d18/ 		173 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:c400:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0728c879991087edcdf1f4e5282fac4f03827a4f7ec312c3fe52e6c26af82d4a

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 10:38:10 GMT
content-encoding
gzip
last-modified
Sun, 10 Jan 2021 01:15:11 GMT
server
AmazonS3
age
12844
etag
W/"82fe1ed67b6cdc37e30706415d481776"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
GTXc-J34kNhriLMSPpIGZaL170fQvUvy0iG9-j9Q2DUnNJb946YAwg==
css
fonts.googleapis.com/ 		8 KB
871 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a8388f919b5adc030fd72c9645a620120576e2041ec5448755d3db5b1135d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 14:12:13 GMT
server
ESF
date
Tue, 12 Jan 2021 14:12:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 12 Jan 2021 14:12:13 GMT
bootstrap.min.css
www.2nd.md/assets/webLayout/css/ 		152 KB
153 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/css/bootstrap.min.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
155758
vary
Origin
content-type
text/css
all.css
www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/ 		67 KB
68 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
69105
vary
Origin
content-type
text/css
webLayout.css
www.2nd.md/assets/webLayout/css/ 		94 KB
94 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/css/webLayout.css
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
532c05e2d9fcae01dd7264dc8b02f8cf101ab4ddde02adaa2361bd5091a437ab

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:13 GMT
last-modified
Sat, 14 Nov 2020 04:51:20 GMT
server
Apache
accept-ranges
bytes
content-length
95990
vary
Origin
content-type
text/css
ping.js
ping.kickfactory.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ping.kickfactory.com/ping.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.31.79.120 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=1763
cf-bgj
minify
cf-request-id
079889bcf90000b7cf2da36000000001
last-modified
Mon, 12 Jun 2017 16:02:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h55kVx3upeSOicROHkC6kaomKxVdAEc6E1RWwyrMrxNvWETLI%2BVLCm668R6Fd1PIHVMYYMRi0SmEzwmn2YJTROP3Byas7a7X2vZHobVjjJTd8HghoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
610778a7fbf3b7cf-CDG
expires
Tue, 12 Jan 2021 14:13:56 GMT
plain-banner.png
www.2nd.md/assets/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/images/plain-banner.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
064778e998427e1b24a5cdfcc4838be182c768a10336202cc85c18e169ad9bac

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:16 GMT
server
Apache
accept-ranges
bytes
content-length
4023
vary
Origin
content-type
image/png
logo_2nd_md_white.png
www.2nd.md/assets/webLayout/img/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/webLayout/img/logo_2nd_md_white.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
9587590381f820bfed471a61ea1a6f29c1e4f32df48ac7d33a79d24ddd02c8ce

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
26881
vary
Origin
content-type
image/png
fb_icon.png
www.2nd.md/assets/webLayout/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/webLayout/icons/fb_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
ebddd17c3cefd87dec926c9e32d15e7dbc331731dbe279fb7fadbfe8aefac5a4

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
1276
vary
Origin
content-type
image/png
twitter_icon.png
www.2nd.md/assets/webLayout/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/webLayout/icons/twitter_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
c54fac230b996aaf38ce0a7f7b423c3c386b67b48e769ed7fdf6bd9c054b242c

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
1472
vary
Origin
content-type
image/png
linkedin_icon.png
www.2nd.md/assets/webLayout/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/webLayout/icons/linkedin_icon.png
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
afd56241da1a9abe8d650d367e4eb8749664ff103c425f180d17a0b892bf09d1

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
1338
vary
Origin
content-type
image/png
player.js
player.vimeo.com/api/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f49ed5154a95ba1e306ce12fe21fc83596bd55865a19a845a075d1a92738fbcd
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Varnish-Cache
0
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
1074
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-9
Content-Length
5869
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4072-HHN
X-Player-Backend
p
Expires
Tue, 12 Jan 2021 14:24:20 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1610460735.650410,VS0,VE0
Date
Tue, 12 Jan 2021 14:12:14 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
2524
4455734.js
js.hs-scripts.com/ 		1 KB
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/4455734.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c3964ddd0e15432f3a635b07fe7bd44f4c228236ced51e1e4277cc3896ccdc9

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2BABB3B42384477E1414236D509325D434D457FD90000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.2nd.md
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
610778a7cf9d3240-FRA
cf-request-id
079889bce200003240898cd000000001
expires
Tue, 12 Jan 2021 14:13:14 GMT
storage.html
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/ Frame A682 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/static/storage.html
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.164.174 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-164-174.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
:scheme
https
:path
/static/storage.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/sweepstakes/unisys
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/sweepstakes/unisys

Response headers

date
Tue, 12 Jan 2021 14:12:15 GMT
content-type
text/html
content-length
1997
last-modified
Fri, 18 Dec 2020 19:58:09 GMT
hotjar-1426662.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.58 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-58.fra2.r.cloudfront.net
Software
/
Resource Hash
7d3bf8a9dfc93dd571bdf8cb98c27f914ecf37de68bbc06cf9c6f1ee0879927c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
4
etag
W/130a40ed2091f632e6dcd12f1adcc286
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
content-length
1556
via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
x-amz-cf-id
S4h8blwckX6II8aNTXB1MbOHy67zIFvLbvJBfmLKYKUJ6klqWICc6A==
gtm.js
www.googletagmanager.com/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K35W95K
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
06baa575ce9042deb792c95789bb72d74bbc6ea92e585ab02e72cd938b83d527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33063
x-xss-protection
0
last-modified
Tue, 12 Jan 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 12 Jan 2021 14:12:14 GMT
301039111
player.vimeo.com/video/ Frame 49B6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/301039111?title=0&byline=0&portrait=0
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.2nd.md/sweepstakes/unisys
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/sweepstakes/unisys

Response headers

Connection
keep-alive
Content-Length
10111
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Tue, 12 Jan 2021 14:15:41 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Tue, 12 Jan 2021 14:12:14 GMT
Age
0
X-Served-By
cache-hhn4072-HHN
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1610460735.706281,VS0,VE97
Vary
Accept-Encoding
X-Player-Backend
p
footer-background.jpg
www.2nd.md/assets/webLayout/img/ 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.2nd.md/assets/webLayout/img/footer-background.jpg
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/css/webLayout.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
28218abf458dfaa037bdab364a5bbf1e3a3bf0cbaf65d78519ad1f63c110484e

Request headers

Referer
https://www.2nd.md/assets/webLayout/css/webLayout.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:15 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
120888
vary
Origin
content-type
image/jpeg
fa-solid-900.woff2
www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/webfonts/fa-solid-900.woff2
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.27.123.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-27-123-54.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Request headers

Origin
https://www.2nd.md
Referer
https://www.2nd.md/assets/webLayout/fontawesome-5.8.2/css/all.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
https://www.2nd.md
date
Tue, 12 Jan 2021 14:12:14 GMT
last-modified
Thu, 10 Sep 2020 23:23:18 GMT
server
Apache
accept-ranges
bytes
content-length
74328
vary
Origin
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.2nd.md
Referer
https://fonts.googleapis.com/css?family=Lato400,700,900|Montserrat:400,500,600,700|Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 07 Jan 2021 16:12:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
424809
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Fri, 07 Jan 2022 16:12:05 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3162
date
Tue, 12 Jan 2021 13:19:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Tue, 12 Jan 2021 15:19:32 GMT
plugin.js
cdn.chatbot.com/widget/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chatbot.com/widget/plugin.js
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-10.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wUxHOMnnwiubozgBsdJ7_IhQiRIAnfVP
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 15:16:29 GMT
server
AmazonS3
age
2640
etag
W/"8853ce597d0917584ec866d09152eb43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Tue, 12 Jan 2021 13:28:16 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
BEqD-9FLMjCBra5polcTrmFURDmDq5UWPz6xPkpmb-x6dDCX3mY_QQ==
4455734.js
js.hs-analytics.net/analytics/1610460600000/ 		60 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1610460600000/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ede40384c0b4d53c5da46f20b0e96750520778f60398de985c429baa1f2353

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
content-encoding
br
cf-cache-status
HIT
age
126
x-amz-server-side-encryption
AES256
x-amz-request-id
EYCW3GCR6T2N5N9Y
x-amz-id-2
VKa4DRHL/951bak0d4n8gwlWiVOIll8vsIoYMsBzz02KIsn/jabia3tx0Kim+P/YjU+Rhy1PXEk=
last-modified
Mon, 14 Dec 2020 17:00:28 GMT
server
cloudflare
etag
W/"d18957b8974c4aeebc74bed27a0ce09b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
079889bdc100002c56cc9da000000001
cf-ray
610778a93a922c56-FRA
expires
Tue, 12 Jan 2021 14:15:08 GMT
4455734.js
js.hs-banner.com/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/4455734.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12bad69ea4a493d28cec7eae66c96885a06e03ab0a0cb2efd97d3a5af759a6ff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash
crc32c=wlNPUw==, md5=qRh07wAafZJSj5ef9Fl8Lw==
date
Tue, 12 Jan 2021 14:12:14 GMT
content-encoding
br
cf-cache-status
HIT
age
126
x-guploader-uploadid
ABg5-Uy93XKhgnmDOXyagD9ZgcQMybR8FF07G-Ljt9MbYC_X-NuNHNDkqDXR_q-dE0B2IxeoaTqXnZD-ytm1pVqYC9A
x-goog-storage-class
STANDARD
access-control-max-age
604800
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript; charset=UTF-8
cf-request-id
079889bdc10000e00338a1c000000001
timing-allow-origin
*
last-modified
Tue, 05 Jan 2021 17:57:44 GMT
server
cloudflare
etag
W/"a91874ef001a7d92528f979ff4597c2f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation
1609869464850084
access-control-allow-origin
https://2ndmdmember-env.eba-tsb5rsiq.us-west-2.elasticbeanstalk.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
x-goog-stored-content-length
55613
cf-ray
610778a93f01e003-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Tue, 12 Jan 2021 14:15:08 GMT
collectedforms.js
js.hscollectedforms.net/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4455734.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:80ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413

Request headers

Origin
https://www.2nd.md
Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:14 GMT
via
1.1 156336391961f724345f6534c674b6eb.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
33510
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.206/bundles/project.js&cfRay=610446894f0e2bca-EWR
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
079889bdc1000032609291c000000001
cf-ray
610778a93d2c3260-FRA
last-modified
Wed, 18 Nov 2020 03:17:23 UTC
server
cloudflare
etag
W/"8009c15ab0ddd537e87c8961e3793907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
vK9VzhfTTqVFyznSA1saY0pwTd8plNRY
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
77_N5fEY0M3brrlgtLZG6dhidePb_5sTlwWP13G8pmdUnF11l-MKtw==
modules.f24e95ebbea0a3617008.js
script.hotjar.com/ 		223 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.f24e95ebbea0a3617008.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-93.zrh50.r.cloudfront.net
Software
/
Resource Hash
e3cb4e3f37303cdaaff89b4f0d42aa67154be3ef40547051deafb4ef0afa7565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 11:14:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
10692
x-cache
Hit from cloudfront
content-length
59760
access-control-allow-origin
*
last-modified
Tue, 12 Jan 2021 11:11:33 GMT
etag
"798a10bb9805d6745a4a7919628b37e3"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
vijje5vx1P7xXULe1e3nVlxnfzP3bsmOkXqzztwbEIyS7XCjYYR6nw==
collect
www.google-analytics.com/j/ 		4 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1536116988&t=pageview&_s=1&dl=https%3A%2F%2Fwww.2nd.md%2Fsweepstakes%2Funisys&ul=en-us&de=UTF-8&dt=Talk%20to%20a%20Medical%20Specialist%20Online%20for%20Medical%20Second%20Opinion%20-%202nd.MD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1991786986&gjid=841734718&cid=2139014518.1610460735&tid=UA-22644076-1&_gid=1524476004.1610460735&_r=1&_slc=1&z=916073152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 14:12:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.2nd.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 00B9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1426662.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-105.zrh50.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/sweepstakes/unisys
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/sweepstakes/unisys

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
YVmSDhH4ur_ysHj51qaCuGAa0ZlGB1Gblx2So3TKwr_LeGeYLzVZmg==
age
4309871
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-22644076-1&cid=2139014518.1610460735&jid=1991786986&gjid=841734718&_gid=1524476004.1610460735&_u=IEBAAEAAAAAAAC~&z=105176454
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 12 Jan 2021 14:12:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.2nd.md
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-22644076-1&cid=2139014518.1610460735&jid=1991786986&_u=IEBAAEAAAAAAAC~&z=1185367269
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 14:12:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-22644076-1&cid=2139014518.1610460735&jid=1991786986&_u=IEBAAEAAAAAAAC~&z=1185367269
Requested by
Host: www.2nd.md
URL: https://www.2nd.md/sweepstakes/unisys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jan 2021 14:12:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=4455734&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c033dedc3bf132d8e18ec6f02bd1c2238deb5a60bd188a1659d819395b14a975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:12:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.2nd.md
access-control-max-age
180
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
610778aabfabdfcb-FRA
access-control-allow-headers
*
cf-request-id
079889beb60000dfcb2025e000000001
polyfill.js
cdn.chatbot.com/widget/ 		72 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chatbot.com/widget/polyfill.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-10.zrh50.r.cloudfront.net
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 14:10:08 GMT
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
age
127
access-control-allow-methods
GET,HEAD
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
ZRH50-C1
content-length
72
x-amz-cf-id
_qoB_8t15spGRxCnvZKDs-d2MwQ_QwQa1vKgnZipYfFwK-HC88FbAg==
settings.json
cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.chatbot.com/widget/5d5ec2ba4f2cc853b4813015/settings.json
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-10.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
380ee64cf288aef5676771b624696f56868bbaa844c7a953649dc16d583e9e59

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
mjJKtZuNFzm3_iBA_sjFi.8lClDV2dLq
content-encoding
gzip
etag
W/"c24869a9a32913471874f83c6b4cd028"
age
34
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 09 Jan 2020 16:44:00 GMT
server
AmazonS3
date
Tue, 12 Jan 2021 14:11:42 GMT
vary
Origin
access-control-allow-methods
GET, HEAD
content-type
application/json
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
public, max-age=30
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
5hMw0_HZ5pf9RnEId87JwV29XODkh3e8RUm2p8AOvy4IYmCLcUgPIw==
visit-data
in.hotjar.com/api/v2/client/sites/1426662/ 		178 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1426662/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f24e95ebbea0a3617008.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.1.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 12 Jan 2021 14:12:15 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
originCountry
capture-api.reachlocalservices.com/ 		35 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Requested by
Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/9f2/f60/d18/5014927a5dbf0855d40cd00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f94989a50de7ab402fc1d8acf678f5efc9c0a9b412330743dd2629ffe41a3922

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 12 Jan 2021 14:12:16 GMT
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amzn-requestid
29133270-4778-4585-af31-86a7acdff447
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-5ffdae40-010f95ca5925497967afc545;Sampled=0
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
ZCgqEH3LPHcFxAQ=
content-length
35
x-amz-cf-id
rw5Cq22ZWbeRZG-xCC0f5nBk2RYBiPVILJRqZJ-i0DTVoTsZ1_EhXQ==
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
originCountry
capture-api.reachlocalservices.com/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://capture-api.reachlocalservices.com/originCountry
Protocol
H2
Server
65.9.7.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.2nd.md
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Tue, 12 Jan 2021 14:12:15 GMT
x-amzn-requestid
1e802f9d-c09b-49fb-93f7-dc7463342004
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
ZCgp_EIHPHcFXMg=
access-control-allow-methods
GET,OPTIONS
x-cache
Miss from cloudfront
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
8-S8Z4ju3gX-iDDhxYZ_-z2hT5_MYA2y2fWEQC6L27sw3pUW5MvAag==
__ptq.gif
track.hubspot.com/ 		45 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=4455734&pu=https%3A%2F%2Fwww.2nd.md%2Fsweepstakes%2Funisys&t=Talk+to+a+Medical+Specialist+Online+for+Medical+Second+Opinion+-+2nd.MD&cts=1610460735415&vi=41b8cb9886b31a24bdd648b096767f03&nc=true&ce=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray
610778ac5f9905d0-FRA
date
Tue, 12 Jan 2021 14:12:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/gif
content-length
45
cf-request-id
079889bfb9000005d0379a4000000001
x-robots-tag
none
plugin.js
cdn.chatbot.com/widget/v1/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.chatbot.com/widget/v1/plugin.js
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-10.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c86950a6b78e26acf6490ea2995aa3934687ada2dd29d306c630e234b96f410e

Request headers

Referer
https://www.2nd.md/sweepstakes/unisys
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
yStZtFEDwkdP98sLRwoO4WcEJiP68wf4
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 15:16:30 GMT
server
AmazonS3
age
1994
etag
W/"5373bfb1dd41e62e167ac5e48fa48297"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
date
Tue, 12 Jan 2021 13:39:03 GMT
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
P_k1YGvbSR1XOiRkt9JIGyDiuxbVGJIyYpHIW8dLviYR25UVPZFQZQ==
chat.html
cdn.chatbot.com/widget/v1/ Frame D424 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.chatbot.com/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=670
Requested by
Host: cdn.chatbot.com
URL: https://cdn.chatbot.com/widget/v1/plugin.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.94.10 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-94-10.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
cdn.chatbot.com
:scheme
https
:path
/widget/v1/chat.html?id=5d5ec2ba4f2cc853b4813015&v=670
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.2nd.md/sweepstakes/unisys
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.2nd.md/sweepstakes/unisys

Response headers

content-type
text/html; charset=utf-8
content-length
593
last-modified
Fri, 18 Dec 2020 15:16:30 GMT
x-amz-version-id
F86o04bdnvnaZrq_z1yOMFrNhCHWJ7Zt
accept-ranges
bytes
server
AmazonS3
date
Tue, 12 Jan 2021 13:19:04 GMT
cache-control
public, max-age=3600
etag
"342ecd23f4219027243260fecf36f5c5"
x-cache
Hit from cloudfront
via
1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
bc8wvEAsUR6Vh7B_YCL9_hoMQYaPMKAk-IhwInwQVCs6zMfO2vzZ8w==
age
3208

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap object| rl_widget_cfg object| RLCAP string| base_url boolean| isMobile boolean| isClient boolean| isSpecialist boolean| isCareUser boolean| isAdmin function| hj object| _hjSettings object| dataLayer string| csrf_token_name string| csrf_token_value object| Vimeo boolean| VimeoPlayerResizeEmbeds_ string| GoogleAnalyticsObject function| ga object| __be object| google_tag_manager object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| kf_ping function| kf_trackback boolean| h_v object| kf_data string| a object| _hsq object| _paq boolean| _hstc_loaded function| bindToWindowOnError function| OutpostErrorReporter object| __hsCollectedFormsDebug object| _hsp boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran object| BE_CONFIG object| BE_API

16 Cookies

Domain/Path Name / Value
9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com/ Name: test
Value: test
.2nd.md/ Name: __hssc
Value: 112361499.1.1610460735412
.2nd.md/ Name: __hssrc
Value: 1
.2nd.md/ Name: __hstc
Value: 112361499.41b8cb9886b31a24bdd648b096767f03.1610460735411.1610460735411.1610460735411.1
.2nd.md/ Name: _hjid
Value: 53801d64-d06d-4bca-b8e6-d665734d3083
.2nd.md/ Name: _ga
Value: GA1.2.2139014518.1610460735
.2nd.md/ Name: _hjAbsoluteSessionInProgress
Value: 0
.www.2nd.md/ Name: kf_ch
Value: 726e3d1e-9f37-421b-6fbf-27044e354867
.2nd.md/ Name: _hjTLDTest
Value: 1
www.2nd.md/ Name: AWSALBCORS
Value: z35LpBcRKHrXCGNn2Ah3XPxAqTCOiIECpCRs6cWYziICmMfB1OfDMWVFQBwny8bR4WdgEFaRd6GJLqbtEgu3kYgYC19WrSKjNkHij7ElWt1fcNMtzSMRKZe5JLHU
.2nd.md/ Name: _gid
Value: GA1.2.1524476004.1610460735
.2nd.md/ Name: hubspotutk
Value: 41b8cb9886b31a24bdd648b096767f03
www.2nd.md/ Name: AWSALB
Value: z35LpBcRKHrXCGNn2Ah3XPxAqTCOiIECpCRs6cWYziICmMfB1OfDMWVFQBwny8bR4WdgEFaRd6GJLqbtEgu3kYgYC19WrSKjNkHij7ElWt1fcNMtzSMRKZe5JLHU
.2nd.md/ Name: _gat
Value: 1
.vimeo.com/ Name: vuid
Value: pl2067737990.1213113421
www.2nd.md/ Name: _hjIncludedInPageviewSample
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f2f60d1-8501-4927-a5db-f0855d40cd00.rlets.com
capture-api.reachlocalservices.com
cdn.chatbot.com
cdn.rlets.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
ping.kickfactory.com
player.vimeo.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
vars.hotjar.com
www.2nd.md
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.31.79.120
13.224.94.10
13.224.94.105
13.224.94.93
13.225.80.58
151.101.112.217
18.203.1.140
2600:9000:2190:c400:6:9a19:88c0:93a1
2606:4700::6811:44b0
2606:4700::6811:80ab
2606:4700::6811:d2cc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2004
2a00:1450:4001:800::200a
2a00:1450:4001:808::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200e
2a00:1450:4001:824::2003
2a00:1450:400c:c0c::9c
52.27.123.54
54.68.164.174
65.9.7.86
064778e998427e1b24a5cdfcc4838be182c768a10336202cc85c18e169ad9bac
06baa575ce9042deb792c95789bb72d74bbc6ea92e585ab02e72cd938b83d527
0728c879991087edcdf1f4e5282fac4f03827a4f7ec312c3fe52e6c26af82d4a
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
12bad69ea4a493d28cec7eae66c96885a06e03ab0a0cb2efd97d3a5af759a6ff
202752fa7a5a30ee9a7583a23f045e61689f1c5f147f6d8d1fa05e6ab0153858
28218abf458dfaa037bdab364a5bbf1e3a3bf0cbaf65d78519ad1f63c110484e
2a8388f919b5adc030fd72c9645a620120576e2041ec5448755d3db5b1135d0f
2c3964ddd0e15432f3a635b07fe7bd44f4c228236ced51e1e4277cc3896ccdc9
380ee64cf288aef5676771b624696f56868bbaa844c7a953649dc16d583e9e59
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
532c05e2d9fcae01dd7264dc8b02f8cf101ab4ddde02adaa2361bd5091a437ab
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
62db1cba067404434d101b5e06226af7b59625d2aa9637d40b6803fea8412784
7d3bf8a9dfc93dd571bdf8cb98c27f914ecf37de68bbc06cf9c6f1ee0879927c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9587590381f820bfed471a61ea1a6f29c1e4f32df48ac7d33a79d24ddd02c8ce
a55ade67aedf45a013ca01c5e93fa042d175348ef4d16f64cde022beee9abbd5
a85b3ac3e18572f1e737966a3b328f95748624e186859567c959079e24f1d23a
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad9e4318a5ffb02d153a7275ddc2a55a896e412e4c95e0cb48365b4c99501413
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd56241da1a9abe8d650d367e4eb8749664ff103c425f180d17a0b892bf09d1
b6ede40384c0b4d53c5da46f20b0e96750520778f60398de985c429baa1f2353
c033dedc3bf132d8e18ec6f02bd1c2238deb5a60bd188a1659d819395b14a975
c54fac230b996aaf38ce0a7f7b423c3c386b67b48e769ed7fdf6bd9c054b242c
c86950a6b78e26acf6490ea2995aa3934687ada2dd29d306c630e234b96f410e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfd8ca6ec6ffb72eecefee16cdbb442d2e2fabdb9d27e3038c64c3e66b711d9d
e3cb4e3f37303cdaaff89b4f0d42aa67154be3ef40547051deafb4ef0afa7565
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ebddd17c3cefd87dec926c9e32d15e7dbc331731dbe279fb7fadbfe8aefac5a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49ed5154a95ba1e306ce12fe21fc83596bd55865a19a845a075d1a92738fbcd
f94989a50de7ab402fc1d8acf678f5efc9c0a9b412330743dd2629ffe41a3922