urlscan.io logo urlscan.io
SecurityTrails logo

www.secureemrplus.com Open in urlscan Pro
205.139.120.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.secureemrplus.com/
Effective URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Submission: On April 22 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 38 HTTP transactions. The main IP is 205.139.120.241, located in United States and belongs to CENTURYLINK-LEGACY-SAVVIS, US. The main domain is www.secureemrplus.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 30th 2021. Valid for: a year.
This is the only time www.secureemrplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

23    205.139.120.241 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
www.secureemrplus.com
2    54.161.9.117 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-9-117.compute-1.amazonaws.com
www.samplemd.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c07f0384201eca182498af909426d163.safeframe.googlesyndication.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
23 secureemrplus.com
www.secureemrplus.com
953 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
c07f0384201eca182498af909426d163.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 128
39 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 77
www.google.com — Cisco Umbrella Rank: 4
2 KB
2 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
124 KB
2 samplemd.com
www.samplemd.com — Cisco Umbrella Rank: 341221
4 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 7579
792 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 176
29 KB
38 7
Domain Requested by
23 www.secureemrplus.com 1 redirects www.secureemrplus.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.samplemd.com blank
1 www.google.com tpc.googlesyndication.com
1 c07f0384201eca182498af909426d163.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagservices.com www.samplemd.com
38 10

This site contains links to these domains. Also see Links.

Domain
www.inmediata.com
Subject Issuer Validity Valid
*.secureemrplus.com
Go Daddy Secure Certificate Authority - G2		 2021-04-30 -
2022-06-01		 a year crt.sh
*.optimizerx.com
Amazon		 2021-12-11 -
2023-01-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Frame ID: E7A98D7DC7357AE9A46168B2F9183788
Requests: 22 HTTP requests in this frame

Frame: https://www.samplemd.com/gpt/gptbefore.js
Frame ID: E4524645F6C78622559914FAC53017DA
Requests: 10 HTTP requests in this frame

Frame: https://c07f0384201eca182498af909426d163.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7B1A97D032949614BF9FB7C8F22B22CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E15BCA9B1050EAA549460D6EA409550A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 99BE1F846495A46E64FD63614221D0CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SecureEMR+ Login

Page URL History Show full URLs

  1. https://www.secureemrplus.com/ HTTP 302
    https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

70 %
IPv6

7
Domains

10
Subdomains

10
IPs

2
Countries

1151 kB
Transfer

1477 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.secureemrplus.com/ HTTP 302
    https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request scrUserLogin.jsp
www.secureemrplus.com/prognocis/
Redirect Chain
  • https://www.secureemrplus.com/
  • https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
30 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
365d2fac9a1d7f3b25019762a539501e3acb6d3aa8b21f84c06f33f4b9a75e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html;charset=utf-8
Date
Fri, 22 Apr 2022 07:21:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
x-frame-options
SAMEORIGIN

Redirect headers

Content-Length
279
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 22 Apr 2022 07:21:02 GMT
Location
https://www.secureemrplus.com:443/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubDomains
x-frame-options
SAMEORIGIN
setup_biz_Inmediata.css
www.secureemrplus.com/prognocis/stylesheets/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/stylesheets/setup_biz_Inmediata.css?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
5aa2ffdedda058062f724ea782d4785bd87c3fcd2d86e97bd9ae49fc9045a39a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:10 GMT
Server
Apache
ETag
W/"1957-1633009210000"
x-frame-options
SAMEORIGIN
Content-Type
text/css
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
1957
X-XSS-Protection
1; mode=block
text_biz.css
www.secureemrplus.com/prognocis/stylesheets/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/stylesheets/text_biz.css?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
82e173f05d08286c346584e0e9f80daa8683a6c6ec334f84b23cc0cb1edc7050
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:08 GMT
Server
Apache
ETag
W/"5666-1633009208000"
x-frame-options
SAMEORIGIN
Content-Type
text/css
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
5666
X-XSS-Protection
1; mode=block
colorbox2.css
www.secureemrplus.com/prognocis/stylesheets/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/stylesheets/colorbox2.css?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
646646aeaa19bb22cc42971f853e7034a05486053369009e42fb6c9ae19b24cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:10 GMT
Server
Apache
ETag
W/"6390-1633009210000"
x-frame-options
SAMEORIGIN
Content-Type
text/css
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
6390
X-XSS-Protection
1; mode=block
bizBrowserFP.min.js
www.secureemrplus.com/prognocis/javascript/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/bizBrowserFP.min.js
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
74c4b8c480cebcbad4f7606e853008310965da76dad276d34f1906d76d560b5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:24 GMT
Server
Apache
ETag
W/"34205-1633009164000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
34205
X-XSS-Protection
1; mode=block
openwindow.js
www.secureemrplus.com/prognocis/javascript/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/openwindow.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
bda4d84d14748d5dbce6ebbaa586de22280fef0882778a25cfb9704872d301ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:24 GMT
Server
Apache
ETag
W/"1431-1633009164000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
1431
X-XSS-Protection
1; mode=block
mouseover.js
www.secureemrplus.com/prognocis/javascript/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/mouseover.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
605ae9eac44c0a7070bec35a403a7cec3bafd666604e5f0c6b94419c28e7aad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:28 GMT
Server
Apache
ETag
W/"1618-1633009168000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
1618
X-XSS-Protection
1; mode=block
Common.js
www.secureemrplus.com/prognocis/javascript/ 		112 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/Common.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
01c3bca06065d331332f369a036f73c2d2520179aad5d8514ab76ffd1de5c334
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Apr 2022 08:51:20 GMT
Server
Apache
ETag
W/"114711-1650444680882"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
114711
X-XSS-Protection
1; mode=block
toolbar.js
www.secureemrplus.com/prognocis/javascript/ 		67 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/toolbar.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
28aaa11b1282b5a5580e5d3c05f292d68223d6582a9a32477a4cba5b196ca52d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 13 Jan 2022 06:55:11 GMT
Server
Apache
ETag
W/"68684-1642056911880"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
68684
X-XSS-Protection
1; mode=block
validate.js
www.secureemrplus.com/prognocis/javascript/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/validate.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
4b6b26d908fa1ed02dd4fbc4dd0825c4adee1f45777cb29edd4b5e5b81fdf020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:26 GMT
Server
Apache
ETag
W/"11635-1633009166000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
11635
X-XSS-Protection
1; mode=block
biometric.js
www.secureemrplus.com/prognocis/javascript/ 		362 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/biometric.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
11255be136bb1632a2189002ae9d9d83ba3d16b5a9c460ac426177307ff203a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:28 GMT
Server
Apache
ETag
W/"362-1633009168000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
362
X-XSS-Protection
1; mode=block
jquery-3.6.0.min.js
www.secureemrplus.com/prognocis/jquery/ 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/jquery/jquery-3.6.0.min.js
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
f85fd1e800eee68f507dc23fbd3d5baf870a282c34e479ba56840b3ad7995f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:20 GMT
Server
Apache
ETag
W/"100726-1633009160000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
100726
X-XSS-Protection
1; mode=block
jquery.colorbox-1.6.4.min.js
www.secureemrplus.com/prognocis/javascript/ 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/javascript/jquery.colorbox-1.6.4.min.js
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:28 GMT
Server
Apache
ETag
W/"11960-1633009168000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
11960
X-XSS-Protection
1; mode=block
jquery.backstretch.min.js
www.secureemrplus.com/prognocis/jquery/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/jquery/jquery.backstretch.min.js?version=
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
642176e9d6603c128a0954244fa933833f283716e1ae170ddaa5dac7357ffb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:39:20 GMT
Server
Apache
ETag
W/"2487-1633009160000"
x-frame-options
SAMEORIGIN
Content-Type
application/javascript
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
2487
X-XSS-Protection
1; mode=block
defaultSalesImage.png
www.secureemrplus.com/prognocis/images/Inmediata/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/Inmediata/defaultSalesImage.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
7cd9408f61f00c4734dcdc3404d06754a672580a7b1575737c5204b33b87bc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:54 GMT
Server
Apache
ETag
W/"277269-1633009254000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
277269
X-XSS-Protection
1; mode=block
company_logo.png
www.secureemrplus.com/prognocis/images/Inmediata/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/Inmediata/company_logo.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/stylesheets/setup_biz_Inmediata.css?version=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
4ef2188b52346a9212fceb4cf5e789c715faf276c4b45d1a2220d8e439023896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/stylesheets/setup_biz_Inmediata.css?version=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:54 GMT
Server
Apache
ETag
W/"4907-1633009254000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
4907
X-XSS-Protection
1; mode=block
bullet2.png
www.secureemrplus.com/prognocis/images/ 		587 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/bullet2.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/stylesheets/text_biz.css?version=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
fbcf2e635c077af9eece59b0ef904367b87812b8246a05158d5e6ec6e8185a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/stylesheets/text_biz.css?version=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:40 GMT
Server
Apache
ETag
W/"587-1633009240000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
587
X-XSS-Protection
1; mode=block
nav.png
www.secureemrplus.com/prognocis/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/nav.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/stylesheets/text_biz.css?version=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
7ae3c7117ddeda2f93c70fe89b340cb854158692984dc4b4b554eb3b884824c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/stylesheets/text_biz.css?version=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:41:10 GMT
Server
Apache
ETag
W/"7694-1633009270000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
7694
X-XSS-Protection
1; mode=block
company_logo_small.png
www.secureemrplus.com/prognocis/images/Inmediata/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/Inmediata/company_logo_small.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/stylesheets/setup_biz_Inmediata.css?version=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
2b6dd3bdf0224c99f8ff9bbc50896a62204e58c84f196b0a14e6ebeb0f6ca175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/stylesheets/setup_biz_Inmediata.css?version=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:54 GMT
Server
Apache
ETag
W/"3752-1633009254000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
3752
X-XSS-Protection
1; mode=block
scrPortalAjaxCalls.jsp
www.secureemrplus.com/prognocis/ 		76 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/scrPortalAjaxCalls.jsp
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
bb5217d4964b30e4ba12b1a18d0879ca35466f0e0d72eb23c675b5fcf0255cd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 22 Apr 2022 07:21:02 GMT
x-frame-options
SAMEORIGIN
Content-Type
text/html;charset=ISO-8859-1
Cache-Control
no-cache
Content-Length
76
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
getOpRxAdvertise.action
www.secureemrplus.com/prognocis/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.secureemrplus.com/prognocis/getOpRxAdvertise.action
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/jquery/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
36b86e58d79be0c43060b9461e626c3b2f8ed002abf28f0a36e753a3d67f60df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Server
Apache
Date
Fri, 22 Apr 2022 07:21:02 GMT
x-frame-options
SAMEORIGIN
Content-Language
de-DE
Content-Type
application/json;charset=UTF-8
Content-Length
1098
X-XSS-Protection
1; mode=block
defaultSalesImage.png
www.secureemrplus.com/prognocis/images/Inmediata/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.secureemrplus.com/prognocis/images/Inmediata/defaultSalesImage.png
Requested by
Host: www.secureemrplus.com
URL: https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.139.120.241 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software
Apache /
Resource Hash
7cd9408f61f00c4734dcdc3404d06754a672580a7b1575737c5204b33b87bc74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.secureemrplus.com/prognocis/scrUserLogin.jsp?clinic=inmediatanginternalmedicine
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 30 Sep 2021 13:40:54 GMT
Server
Apache
ETag
W/"277269-1633009254000"
x-frame-options
SAMEORIGIN
Content-Type
image/png
Date
Fri, 22 Apr 2022 07:21:02 GMT
Accept-Ranges
bytes
Content-Length
277269
X-XSS-Protection
1; mode=block
gptbefore.js
www.samplemd.com/gpt/ Frame E452 		695 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplemd.com/gpt/gptbefore.js
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.9.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-9-117.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b472029fda0c82f1d9ae215b43d3535197806b611d60a9ede1fc2c5701cce139

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
public
Date
Fri, 22 Apr 2022 07:21:04 GMT
Last-Modified
Wed, 05 Feb 2020 17:01:15 GMT
Server
nginx
ETag
"5e3af4db-2b7"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
695
Expires
Sat, 22 Apr 2023 07:21:04 GMT
gptnew.js
www.samplemd.com/gpt/ Frame E452 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.samplemd.com/gpt/gptnew.js
Requested by
Host: blank
URL: about:blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.161.9.117 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-161-9-117.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d1aba359a44d000b2df068ed5ab0adbfa90ea2074946f73a32b2537a9f710086

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma
public
Date
Fri, 22 Apr 2022 07:21:04 GMT
Last-Modified
Tue, 24 Aug 2021 19:49:42 GMT
Server
nginx
ETag
"61254d56-af6"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public, must-revalidate, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2806
Expires
Sat, 22 Apr 2023 07:21:04 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame E452 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.samplemd.com
URL: https://www.samplemd.com/gpt/gptbefore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28697
x-xss-protection
0
server
sffe
etag
"1193 / 743 of 1000 / last-modified: 1650578824"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Apr 2022 07:21:04 GMT
pubads_impl_2022041801.js
securepubads.g.doubleclick.net/gpt/ Frame E452 		362 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
731
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125970
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 22 Apr 2023 07:08:53 GMT
integrator.js
adservice.google.de/adsid/ Frame E452 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E452 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E452 		314 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4142163276281740&correlator=1097204713629282&eid=31065714%2C31067028%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=142734416%2Cprognocis&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=3871788075&sfv=1-0-38&ecs=20220422&fsapi=false&prev_scp=channel%3Dprognocis%26environment%3DPROD%26width%3D728%26height%3D90%26divId%3Ddiv-oprx-banner%26page%3DLGP%26mid%3D2708%26cid%3D86%26resourceId%3D4e5ed392-175d-4190-bcf8-77f6f68bbc74&sc=1&cdm=www.secureemrplus.com&abxe=1&dt=1650612064236&lmt=1650612064&dlt=1650612063502&idt=713&biw=1600&bih=1200&isw=728&ish=90&adxs=0&adys=553&ucis=i9rak35gzrkv&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nhd=1&url=about%3Ablank&top=https%3A%2F%2Fwww.secureemrplus.com%2Fprognocis%2FscrUserLogin.jsp%3Fclinic%3Dinmediatanginternalmedicine&frm=23&vis=1&scr_x=0&scr_y=0&psz=728x90&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1378051389.1650612064&ga_sid=1650612064&ga_hid=1064634200&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
12c678aae5e8d86d8ac501132ecf533c80eff7287ba74d53697aa7416bebf821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.secureemrplus.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E452 		13 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e9eff82973216d8b63d49659398a8bcc995c412bf64d02364b5699e2c73ea3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10424
x-xss-protection
0
container.html
c07f0384201eca182498af909426d163.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7B1A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c07f0384201eca182498af909426d163.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 07:21:04 GMT
expires
Sat, 22 Apr 2023 07:21:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E452 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 22 Apr 2022 07:21:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E15B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3139
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 06:28:45 GMT
expires
Sat, 22 Apr 2023 06:28:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 99BE 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
874d4959bdfbfe31cdde0e91efafad9377b373d1d4f5b24a52e911891bcf4f19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Grvp6zsMq4O9MgzeLbvGlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Grvp6zsMq4O9MgzeLbvGlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 22 Apr 2022 07:21:04 GMT
expires
Fri, 22 Apr 2022 07:21:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
pagead2.googlesyndication.com/bg/ Frame E15B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 19:44:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
128211
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13694
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Apr 2023 19:44:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 99BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041801&jk=4142163276281740&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame E15B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?f8PJig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 22 Apr 2022 07:21:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E452 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041801&jk=4142163276281740&bg=!oaKloubNAAYXWUUuN1k7ACkAdvg8WrJ2QTm5NJ0-d_l7tjiaEWV9SSAQY1qau8E9BYoxVyR66jnPkQIAAABYUgAAAAJoAQeZArbO6nNu153r60mvnCpKOTkp4nVtoOe3LWHYDHF5mD234HXQW7GDt-GkFTylJ3LyWd8Sq8xxvK7Rr6AwcC_o4bgaw7PbVCdOgRUTRE2PvvHX3c4wyLx-OuhJvIpa3TYZKjB7ssuJ3kcanSua21K2hjYcs3naqP02ssx5VZwyztnr1x-GASJxUBSKFe8GmAR697dKoqcy-nEQ9H45pL1H9GsMLQcFqmfCUiijFhot_t4PglnEpzEBwPOL5ITgB7jzDSKc28Lv7Y1q7er_pPfoRwHmjSoVB3P_AXY9kxEMvVSEFxiRh1z7C0yY9XegrkfuxC46khvB-qDLnP7W_hN_TJbdfCqSaSzFlcx_cV9yike_OAB7qNY1wJkv7pRbQZQn-JSE0I1795xXxWShUcLGqvDz-2SE5NNCrFK7qIa3PKwEcImr1oNWlJ-pY4-tKO1WLW_MsCaqO_CfEiCZ8ZowGvv133SPfIqUCRWQzkONy9XGq3ZvsPYR4U5b4EetZ10m88WPR0CgxtaM2m2yJkdGvcINsYIae49ao3Z-SEC02ROyuhhcdyWu9gcryhTX9m6LYMcd2uMiq-JCd1Y5xlZPk5U12SXmXyqON41fwZfB4j_4IzNfdeZPAhiwm51GyIK8dm_lUNVXmy7SPqLci9ohSu6VLlf-YWIBZRz5NSnQthble4J7-0Pw_dBoI0rBFx03fQCMefaCDimxZw_4yHQcwjBU_xFGJlASU-CtxXCSy80tSJ2eavtn41sCOWpwpwUOMHHRsAS7w9gMmHwpR3VVOS1N2fNtopC5bsQLbgS5if_c3Z6VE7HwTe5IaT2wWT-jrU_SrnGgCjnafnfh_o8acWRUo43rSLYVxu_VxIwAkvlf8mIpXP0HRL6SlTpXP2mqfzrJf_QfZ3vT0rCThoB2bEjYbB1tIZhh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

403 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails function| Fingerprint2 function| openWinCenter function| openWin function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage function| MM_setImg string| gOldSelectionRowId string| gOldSelectionRowClass function| selectCurrRowOnClick number| CONST_SLIDESHOW_DLG_WIDTH number| CONST_SLIDESHOW_DLG_HEIGHT boolean| isNav boolean| isIE number| screenW number| screenH number| maxScreenWidthForSmallDevices undefined| gsRetVal string| gsOperation4PP undefined| gsPortalZoomWinObj undefined| jToolkit undefined| jScreenSize undefined| temp function| setIdIfNotExists function| callLargePopup4Groups function| callBack4GroupSearch function| callLargePopup4Sql function| generatedCallback_MDjs_Common4Sql_1 function| callLargePopup function| generatedCallback_MDjs_Common_1 function| right function| logout function| showPopupAsModalLock function| generatedCallback_MDjs_Common_2 function| closeWin function| showMedLine function| showGlobalModalPopup function| globalClosePopup function| closeJqmPopup function| extractDimension number| jqModalCount function| showJqmPopup function| showPopupAsModal function| showJqModalConfirm function| globalClosePopupNote function| showGlobalModalPopupNote function| showPopupAsModalNote function| squeezeCommas function| currency2Float function| roundAmount function| replaceChar function| unpackWhereParam function| packWhereParam function| packWhereParam2 function| std2Display function| display2Std string| gDisplayFormatMMDDYYYY function| display2StdDefaultFormat function| std2DisplayDefaultFormat function| isDateValid function| isDateValidWithReturnMsg function| getDigitString function| isSSNValid2 function| isSSNValid function| setBackDate function| LeapYear function| CheckLength function| CheckLength2 function| CheckLen function| parseIntBase10 function| checkifValidChars4Masters function| checkifquotes function| checkifquotes2 function| isSpclChar function| chkSpecialChar function| chkApptSMSSpecialChar function| validateSplChar function| isNumericAmt function| trim function| isInt function| compareTwoDates function| getDateInFormat function| convert2NameFormat function| validateAmount function| parseAmt function| formatAmt function| checkNum function| checkForDecimalInAmount function| isCalcPopupDateValid function| showExpressionMessage function| showExpressionAndGuideLines function| getCursorPos function| insertAtCursorPos function| nextWorkFlowEvent function| prevWorkFlowEvent function| changeClassOfCheckbox function| changeClassOfCheckboxUpdateFlag function| GetXmlHttpObject function| printDirect function| debugAlert function| debugMsg function| debugMsg1 function| debugMsg2 function| debugMsg3 function| debugError function| verifyIP function| makeSelectReadonly function| findDuplicateValuesInArray function| setValueInSelectTag function| getMultipleSelectedValues function| getWindowHeight function| alphaNumericWithoutSplChar function| onlyAlphabetsChars function| onlyAlphaNumericWithComma function| onlyAlphaNumeric function| onlyAlphaNumericWrapper function| onlyAlphaNumericWithCommaDollar function| onlyNumericWithComma function| onlyNumericWithDot function| onlyNumeric function| getWindowSize function| validateAddressFields function| forcontrol function| checkNPI function| validateString4SplChar function| isPresentInCommaSeperatedList function| createCookie function| readCookie function| eraseCookie function| getIndexFromElementName function| getFileExtension function| getCalendar function| getDOBCalendar function| closeCalender function| nameAccordingTo5010 function| medicsValidateName function| validateExtId function| connectCH function| connectWSCH function| getPortalTableWidth function| getPortalTableHeight function| getNormalFixedHeaderTableHeight function| getResolutionProportionalHeight function| getResolutionProportionalWidth function| getFileExtn function| isLabelPrinterInstalledAndConnected function| isLabelPrinterInstalledAndConnected4AsyncCall function| isLabelPrinterInstalledAndConnected4SyncCall function| enableDisableLabelPrint function| getLengthOfText function| getSubStringOfText function| goToRemittanceFromClaimLedger function| removeBlankLinesFromStr function| isDEAClassControlledSub function| getScreenHeight function| getScreenWidth function| getFrameHeight function| getFrameWidth function| replaceAll function| replaceAllRecursive function| replaceAllPattern function| invokeExtrnlPatEducation function| callBackInvokeExtrnlPatEducation function| switchTab function| isSpacePresentInStr function| getIEVersion function| showGenericWaitDiv function| hideGenericWaitDiv function| getInternetExplorerVersion function| isSafari function| isMSEdge function| getHexCodeFromRgb function| insertTextAtCursorPosition2 function| insertTextAtCursorPosition function| invokeICDCascadeSearch function| invokeIMOSearchOnly4Icd9 function| invokeIMOSearchOnly4Icd10 function| ajaxRequest function| makeAjaxRequest function| initNiceScroll function| createInputElement function| getStatusSelOptions function| formatNumeric function| formatNumeric2 function| formatFraction function| removeTrailingZeros function| checkIfBlank function| checkValidationForSpclChar function| isExtnMedia function| captureAuditDetailsForIPL function| captureAuditDetailsForEmpPortalBill function| captureAuditDetailsForATPPortal function| isJqueryAbove16 function| validateDuplicatePatientOnPoral function| checkTlsSupportForBrowser function| checkTlsSupportCallback function| makeCalcAjaxCall function| calcCallback function| resizeNicescroll function| removeValueFromString function| findElementStartsWith function| callAjax function| checkIfNullOrBlank function| BizShowDialog function| create2DArray function| closePopup function| formatMaskBdate number| gsMaxChequeAmnt function| formatMoneyToDisplay function| getPPWebDateFormat function| getPreferredPharmData function| sendEmail string| gscomingfromcancel string| version string| gsDispDateFormatForCalendar function| briefMasterSearch function| briefMasterSearchMs function| detailMasterSearch function| briefGlobalSearch function| detailGlobalSearch function| invokeGenSearch function| invokeGenSearchAtPosn function| invokeGrpSearch function| invokeGrpSearchWithLoc function| invokeSearchWithAdd function| invokeSearchWithAddAtposn function| saveConfirm function| invokeSearch function| invokeSearch2 function| invokeSearchWithoutAddNew function| retSearch string| asPopMenuOption function| invokePopSearch function| invokePopSearchWithoutAddNew function| invokeGenSearchGlobal function| invokeGenSearchAtPosnGlobal function| retPopSearch function| invokeSmallSearch string| gsControlName string| gsNewLine number| giChange number| giFieldlen number| giMaxFieldlen string| gsPhRetFunction function| invokeGenPhraseSearch function| invokeMultiPhraseSearch function| showAlert string| gPhraseIds string| gPhraseNames function| searchGenPhraseCallBackMain function| fullPhraseTextCallback function| open_popup function| open_popup_newTab function| openSingleWindow function| gotoRecord function| delRecord function| isChanged function| cancelForm function| resetForm function| reloadForm function| callBackReloadForm string| mstoolbarinputhref function| invokeHelp function| invokeHelpCallback boolean| gInvokeHelpTopics function| mainHelp function| about function| invokeSupport function| mouseover function| mouseout function| saveMouseover function| saveMouseout function| approveMouseover function| approveMouseout function| okMouseover function| okMouseout function| replyMouseover function| replyMouseout function| replyAllMouseover function| replyAllMouseout function| sendMouseover function| sendMouseout function| onMouseOut function| onMouseOver function| valueChanged function| valueChangedV2 function| displayalertNoUpdate function| pressEnter function| pressEnterForpopup function| checkDeleteBackSpace function| Loadtoolbarimages function| saveClick function| approveClick function| sendClick function| okClick function| FormLoadSearch function| FormLoadSearchWithoutAddNew function| FormLoad function| FormLoadWithSearch function| FormLoadWithSearchWithoutAddNew function| goBack function| invokeDiagrams function| generatedCallback_PMjs_toolbar_3 function| invokePatientNotes function| invokePropertiesSch2 function| invokePropertiesSch function| invokeFaxReport function| invokeCaseManagement function| open_main_popup function| callHook function| invokeLABRADReview function| open_popup2 function| showModalDialogWithEncodeURL function| cleanAndEncodeURL function| checkBrowserKey function| isBrowserValid function| getBrowserKey4Portals function| getBrowserKey4Emp function| invokeGenSearchAtPosnNew function| isNumeric function| isNumericWithoutAlert function| isEmpty function| isString function| isFloat function| isCurrency function| isVarChar function| isEmail function| changeToUpper function| changeToLower function| callMe function| modifyString function| formatSSN function| numericOnly function| formatMaskDate function| isDateValidBool function| isNumericQty object| stringtest object| emptytest object| alphatest object| floattest object| inttest object| currencytest object| intQty function| successFullReg function| doAlert function| devicenotconnected function| verifyFailed function| setactionforbiometric function| appletLoaded function| $ function| jQuery string| gsMarketingUrl string| gsDefaultMarketingUrl function| loadOpRxAd function| invokeUserEmailCellNotFound function| invokeUserEmailCellDetailsRemoved function| UrlCallBack function| displayTlsAlert function| closeTlsPopup boolean| isIE2 string| lslanguage string| gAppletLoadedFlag string| gsUpgradeMessage string| gCopyRtAccepted string| gbIsOffline string| gbClinicUSHW function| MM_reloadPage function| SetAction function| openForgetPWDOpt function| getMaskEmailandCellInfo function| getEmailcellMsg function| SetOTPAction function| sendOTP function| checkVersion function| openAppWindow function| invokeUpgradePopup function| invokeSSAlertPopup function| closedUpgradePopup function| closedSSAlertPopup function| proceedToLogin function| callBackLocationPopup function| callBackCopyRight function| closedColorbox function| callBackOpenWindow function| generatedCallbackForLogin function| generatedCallback_MD_scrUserLogin_1 function| openFullWindow function| openlogin function| openBrowserSettings function| invokeCopyRight function| generatedCallback_MD_scrUserLogin_2 function| callbackFn function| callSubmit function| closeForgetPassAlert number| cnti object| xmlHttp

3 Cookies

Domain/Path Name / Value
www.secureemrplus.com/prognocis Name: JSESSIONID
Value: 6026D4A3ABC8A2CEC67369871EF7529D.prodapp01
www.secureemrplus.com/ Name: www.secureemrplus.com
Value: srv-hzuaQ6oYEL6j70EMMP/CYA|YmJXW
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
c07f0384201eca182498af909426d163.safeframe.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.samplemd.com
www.secureemrplus.com
142.250.186.162
205.139.120.241
2a00:1450:4001:803::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
54.161.9.117
01c3bca06065d331332f369a036f73c2d2520179aad5d8514ab76ffd1de5c334
0e9eff82973216d8b63d49659398a8bcc995c412bf64d02364b5699e2c73ea3f
11255be136bb1632a2189002ae9d9d83ba3d16b5a9c460ac426177307ff203a3
12c678aae5e8d86d8ac501132ecf533c80eff7287ba74d53697aa7416bebf821
28aaa11b1282b5a5580e5d3c05f292d68223d6582a9a32477a4cba5b196ca52d
2b6dd3bdf0224c99f8ff9bbc50896a62204e58c84f196b0a14e6ebeb0f6ca175
365d2fac9a1d7f3b25019762a539501e3acb6d3aa8b21f84c06f33f4b9a75e84
36b86e58d79be0c43060b9461e626c3b2f8ed002abf28f0a36e753a3d67f60df
3b94b6f798453eb2a87e54efd5f67936c01a55dd5289f4ae1e052ef6044de8ee
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
4b6b26d908fa1ed02dd4fbc4dd0825c4adee1f45777cb29edd4b5e5b81fdf020
4ef2188b52346a9212fceb4cf5e789c715faf276c4b45d1a2220d8e439023896
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aa2ffdedda058062f724ea782d4785bd87c3fcd2d86e97bd9ae49fc9045a39a
605ae9eac44c0a7070bec35a403a7cec3bafd666604e5f0c6b94419c28e7aad0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642176e9d6603c128a0954244fa933833f283716e1ae170ddaa5dac7357ffb64
646646aeaa19bb22cc42971f853e7034a05486053369009e42fb6c9ae19b24cd
74c4b8c480cebcbad4f7606e853008310965da76dad276d34f1906d76d560b5f
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
7ae3c7117ddeda2f93c70fe89b340cb854158692984dc4b4b554eb3b884824c0
7cd9408f61f00c4734dcdc3404d06754a672580a7b1575737c5204b33b87bc74
82e173f05d08286c346584e0e9f80daa8683a6c6ec334f84b23cc0cb1edc7050
874d4959bdfbfe31cdde0e91efafad9377b373d1d4f5b24a52e911891bcf4f19
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b472029fda0c82f1d9ae215b43d3535197806b611d60a9ede1fc2c5701cce139
bb5217d4964b30e4ba12b1a18d0879ca35466f0e0d72eb23c675b5fcf0255cd7
bda4d84d14748d5dbce6ebbaa586de22280fef0882778a25cfb9704872d301ef
d1aba359a44d000b2df068ed5ab0adbfa90ea2074946f73a32b2537a9f710086
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
f85fd1e800eee68f507dc23fbd3d5baf870a282c34e479ba56840b3ad7995f63
fbcf2e635c077af9eece59b0ef904367b87812b8246a05158d5e6ec6e8185a81