urlscan.io logo urlscan.io
SecurityTrails logo

go.ultimatemedical.edu Open in urlscan Pro
54.144.206.27  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.referuma.com/?utm_source=email-signature
Effective URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Submission: On November 22 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 12 domains to perform 55 HTTP transactions. The main IP is 54.144.206.27, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.ultimatemedical.edu.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.
This is the only time go.ultimatemedical.edu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    54.144.206.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-206-27.compute-1.amazonaws.com
www.referuma.com
referuma.com
go.ultimatemedical.edu
1    2a05:d014:275:cb00:ce75:162:d945:5f34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
www.ultimatemedical.edu
21    141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
gouma.wpenginepowered.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
3    178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net
accdn.lpsnmedia.net
7    178.249.101.98 (United States)

ASN11054 (LIVEPERSON, US)
PTR: am-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net
2    208.89.15.170 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.idp.liveperson.net
va.idp.liveperson.net
3    208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net
va.v.liveperson.net
Apex Domain
Subdomains		 Transfer
21 wpenginepowered.com
gouma.wpenginepowered.com
233 KB
10 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 3313
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 3647
419 KB
7 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 3337
va.idp.liveperson.net — Cisco Umbrella Rank: 11485
va.v.liveperson.net — Cisco Umbrella Rank: 3923
124 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4753
979 B
3 google.de
www.google.de — Cisco Umbrella Rank: 5922
674 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
125 KB
2 ultimatemedical.edu
www.ultimatemedical.edu — Cisco Umbrella Rank: 834373
go.ultimatemedical.edu
21 KB
2 referuma.com
www.referuma.com
referuma.com
506 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 160
17 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
94 KB
55 12
Domain Requested by
21 gouma.wpenginepowered.com go.ultimatemedical.edu
7 lpcdn.lpsnmedia.net lptag.liveperson.net
3 va.v.liveperson.net lptag.liveperson.net
3 accdn.lpsnmedia.net lptag.liveperson.net
lpcdn.lpsnmedia.net
3 www.google.de go.ultimatemedical.edu
2 va.idp.liveperson.net lptag.liveperson.net
va.idp.liveperson.net
2 lptag.liveperson.net gouma.wpenginepowered.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 region1.analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com go.ultimatemedical.edu
2 www.googletagmanager.com go.ultimatemedical.edu
www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com go.ultimatemedical.edu
1 ajax.googleapis.com go.ultimatemedical.edu
1 go.ultimatemedical.edu
1 www.ultimatemedical.edu 1 redirects
1 referuma.com 1 redirects
1 www.referuma.com 1 redirects
55 19

This site contains links to these domains. Also see Links.

Domain
ultimatemedical.edu
Subject Issuer Validity Valid
go.ultimatemedical.edu
R3		 2022-10-14 -
2023-01-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-18 -
2023-04-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2022-02-07 -
2023-02-07		 a year crt.sh
*.idp.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2022-06-09 -
2023-06-09		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2022-03-22 -
2023-03-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Frame ID: D558C28B4DB180AEA0FC2E2E644BD1DE
Requests: 51 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fgo.ultimatemedical.edu&site=13994122&env=prod&isCrossDomain=true
Frame ID: E43873A741F1365011EACFF49FA9C78C
Requests: 2 HTTP requests in this frame

Frame: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1669078287424&loc=https%3A%2F%2Fgo.ultimatemedical.edu
Frame ID: C3FD305A520EF0080351D693665AAA80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Refer UMA | Ultimate Medical AcademyUMA-logo

Page URL History Show full URLs

  1. http://www.referuma.com/?utm_source=email-signature HTTP 301
    http://referuma.com/?utm_source=email-signature HTTP 301
    https://www.ultimatemedical.edu/refer/?utm_source=email-signature HTTP 301
    https://go.ultimatemedical.edu/refer/?utm_source=email-signature Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

55
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

19
Subdomains

16
IPs

3
Countries

1056 kB
Transfer

2958 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.referuma.com/?utm_source=email-signature HTTP 301
    http://referuma.com/?utm_source=email-signature HTTP 301
    https://www.ultimatemedical.edu/refer/?utm_source=email-signature HTTP 301
    https://go.ultimatemedical.edu/refer/?utm_source=email-signature Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
go.ultimatemedical.edu/refer/
Redirect Chain
  • http://www.referuma.com/?utm_source=email-signature
  • http://referuma.com/?utm_source=email-signature
  • https://www.ultimatemedical.edu/refer/?utm_source=email-signature
  • https://go.ultimatemedical.edu/refer/?utm_source=email-signature
102 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.144.206.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-206-27.compute-1.amazonaws.com
Software
nginx / WP Engine
Resource Hash
9811b03de2dbc058ba57a29de9a83b88a39352dd4e1dc1dd5fa383233dbad1e4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Nov 2022 00:51:24 GMT
link
<https://go.ultimatemedical.edu/wp-json/>; rel="https://api.w.org/" <https://go.ultimatemedical.edu/wp-json/wp/v2/pages/17603>; rel="alternate"; type="application/json" <https://go.ultimatemedical.edu/?p=17603>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

age
0
cache-control
public, max-age=0, must-revalidate
content-length
52
content-type
text/plain; charset=utf-8
date
Tue, 22 Nov 2022 00:51:23 GMT
location
https://go.ultimatemedical.edu/refer/?utm_source=email-signature
referrer-policy
same-origin
server
Netlify
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
DENY
x-nf-request-id
01GJED2XE0JW356TX2MZCH8FEZ
x-xss-protection
1; mode=block
style.min.css
gouma.wpenginepowered.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62c2d8bd-15b64"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QG5buoeM50cQval538RdxaUTZgzZIJYTJLZ%2FsBJLInoiQHDIcSq%2FS5ZQRvt5x%2F5jTkHFSl%2Bfz84a1Khjd2v2aQ1Abe22itRHGpaWeStp8Okx%2BZdosNdt2DZcEg%2Flub02%2F%2BUw%2BIuATG9m4og%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b3e6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style-frontend.css
gouma.wpenginepowered.com/wp-content/plugins/social-pug/assets/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/social-pug/assets/css/style-frontend.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f1c970c300c14d218675005aaf506b0a4a0c06a39ef3d09645e8911331b0a0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Nov 2019 16:13:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5dc4429c-4d26"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGy76gV66sOo0KlInynntniKY%2BLf0KAQKbmew6bCYji7K%2FvHCnovnmo%2BO%2Fc19NtR3M7f%2B%2FTXaka966lV4dsEnqSBuQPJiuNTsbb6iWW2oxFRAzQ83RggUKKyg3dFZrCE3RviB17enlQhfi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b3f6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
slick.min.css
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/ 		1 KB
986 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/slick.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bd6c704f22ed2da38fcd5c2eadd9876364dfe2c16e20f04324bc9f2efdfc2de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cd-55c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAu2BTNUUebalEAUg9ERfBdvyzjq6Ft3G3fC%2FTdr7QB1UX6fpI86gx3kl9UEIvAzUCojZa7FyjqHI3VMDuu%2FhfOcmvGSnwODVkyHJtpBBq43QAn6%2BtO0yabkY1DrD0lhvD5O%2BAlSiZGFYnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b406993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.min.css
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/jquery.bxslider.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7deb5defd711fa044fb6b9bb0cf662d5274334b873343d6b5d1368c05d89d56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cc-bd0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW6GPVzOZUgkc4SWrEEvCVtz3F9hgrWA4PNsmZ8xylp%2FpzOyv50EPLxnEVJGSEck%2F7xOKAjtkhkUM36Qzs0Q4%2FHX7INdKcfKvjjH4unuggWKx69DCi2ALwpDPT%2BSSUu%2FFVfLkFp0iRsLlLo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b426993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/font-awesome.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cc-7918"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEV9KIfrePyndh9bp2tTgpATjIV0F0gNhgN9kxRfeF2b%2FoN1PYfWQSvm1at91fqMLuZe1RUJY79s5SN7UhzFm64XnPMvsKhNGdMisgkBsk919bodmW53xacKOS4CiqAucnGzX1ynygnwLXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b446993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.fancybox.min.css
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/jquery.fancybox.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cd-31fb"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0h0zkEtpjW62%2BLbhA7WE6J1PmmyULoMpAcIki3Ii%2BTLzzzkCF3%2F2FRcrT4cSikcTNpkyfyrMrmFok9MoQTcpjgWGM%2FvZ8tBxjt01nIjPtPwwWJHxrnhBn6gpTA8rsMdc%2FbYYFDLZzNMOS4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b436993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-carousel-pro-public.min.css
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/css/wp-carousel-pro-public.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b015dc26d28ccb2553f64e16baa6038c273d324cb3d1b5908aa94bd97f64d505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cd-6366"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG9Ugd6GE%2Fvwqe1VWyH85o9lcfJVbt%2FTjnCcf%2FGhfoA8rmqjxIZX%2B6nu9fxotL9N7%2B9nrFrkpvz%2BnuZmwwF0yiMTbwFupMsKbA040ECRQuDSioMy0HbXhxclG3R9TACZXczDng3q7q%2Fp6Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b476993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bundle.min.css
gouma.wpenginepowered.com/wp-content/themes/cyprus/public/ 		323 KB
136 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/themes/cyprus/public/bundle.min.css
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b607517643aced96d23c9372f7b12617d838c74fdc0a13c4baf1b6111020ca7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 13 Feb 2020 15:14:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5e4567bf-50bc9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJ8Rn2dzIuS7wZOrPtXSfcDnMJulhp6Hw1oYIYO0Cwf8F8s%2BJZb%2F%2FgZnUnAvTFTHV7YnkkpUQhM5opZOwVtX5FGgLdlFdTPp0t0U7uim0CsPgdaZCZmI5iXBbaeEy9v78h1UCgSx6Dgi4vo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad2d9b466993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 23:35:10 GMT
x-content-type-options
nosniff
age
4574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95931
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Nov 2023 23:35:10 GMT
front-end.js
gouma.wpenginepowered.com/wp-content/plugins/social-pug/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/social-pug/assets/js/front-end.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c9487edebcf50602888db4178566d1c41b930220c32d06293e4e28346a33e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Nov 2019 16:13:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5dc4429b-920"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozwom8Xgavi2uKa%2BHFw6xRLsYMD7vnw8iVnXcxGVyaM7ORqLNasvHDN%2Firh0n2nRDD1lpfs%2FrKXv1zDZmNENcOdPg4DmvsUgBWdoqb5r%2F3F8yTeb5g2McKJbap23YP0prYemDJI9vTvmWfs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad305fa56993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.maskedinput.min.js
gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e202ad97409c9aff470802853609ee2e3c8b3c38d81d71022ebadd4caed7e854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 21:58:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6345e71f-107e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tsqvCSpQx0Kwk0vQg7606Dtgg%2FdaDnqZKQkqgt%2Bi4eXM7HmbRM9eL47iX6JCpY9utXVVEdKTwIScAenQXHHZTsqKS0tawNH8sKxFawG3bkBwzh2cKAwSRIwTJ4qNyXcSeqPZ7RFu2L66%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad316dba9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.json.min.js
gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/jquery.json.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 21:58:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6345e71f-738"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nf0paEwqIJClGrTwiNIIgB%2FQaAzpxWX6gLoHCXp%2B67CQ7FL8FEAtQR8Regq71FcjBYT75U2zkkbgSUMGG6f2u3NYT4zX5T0YgYZccVPTnSEgB%2FyRaPRoS2UKmkioc8SB%2FwGJcyuCz6o8H5I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318de29c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gravityforms.min.js
gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/gravityforms/js/gravityforms.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd93a4c9a4a36e674c6eeb1320e044618ab39eb11670545eaf9cd5c6fad67453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 11 Oct 2022 21:58:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6345e71f-87f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMPGz0PMGLgmAwyFsO3Iv7KjGdEpSAmr5WXUz1seotDfmECHw7xx3akXAyKEG3it7nf9Wbyy0FrQOKKKyYMdGPBuHrVQOWu6TAhK5iQuDTSY9QrNNrqtZnwanB2ttTi6SowvFmqKiQGoZ4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318de79c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16827
x-xss-protection
0
server
cafe
etag
16359567893097152046
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Nov 2022 00:51:24 GMT
slick.min.js
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/slick.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cac20faab062d134643a1f5de8485b4f3c993896efb270fc61a6df8b62321aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cb-c59e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdh7zP6F%2BVFmHfY%2B4oo9BnAxuczmB%2FGuhfh9XIgeNg821Pgxfx1C8FsSJJwFidb1g9BgwMustbYz5jdh%2BUIEeHHMHmWcGlMAgc66nS6FqZHE%2FrKiSxkfiFs%2FYCKDGNPggIfm9i8sSDy5LHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318de89c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.bxslider.min.js
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/jquery.bxslider.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f6c63fb75d5dcc042026f25d59a98242c308ba514cfea9c0beccb18869321aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cb-7eef"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXp0QmRA1J9OReZKYFE0wmWgc%2F4%2B8o%2FhrndIU2HA6ppFeOPq%2FkPfKjE%2Bz9t2fs3xmjvYcX9c3FT98uia5DSMZ%2FjJnQggZF6kFCyBzoh796GzWxcL7%2FoIFdwcsgaAMMrNK7%2F7xgNaBQ7C8V0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318dea9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fancybox.min.js
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/fancybox.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cb-10a9d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlt5WduxpoUeVDu3WcDogLuvmcwrFdu5negApUwXwCtRB0DUkBrdtOco6D56JrizZNPZeQGuB1TFtIfNsLBaDi2sJhhELSccUCZ2Q2k7X3vKiA%2FO8Qv81TZQOKYb2aiqEzi1q0diZyFdxUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318deb9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
password-ajax.min.js
gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/ 		629 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/wp-carousel-pro/public/js/password-ajax.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6725cb56b6579928d388c4372bf1b54edbb9029f7683eebc71fc10350b563ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 16:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6230b9cc-275"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BXyQojTy6qtu6rfBaE7m1%2BRp%2Fo9joGFj6QGTt7n8sqTMAtA%2Bmk5lfClFbZdN%2BAYxbWFXgIF01W9rbNsvGA4q8HEoT07urw5t1VyC7uKpeUVfN6zJibX2AhbPPQtS%2FnLjPRjsvjY7B8cMbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318dec9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.js
gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/cookie.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2019 21:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ce318cb-834"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjPOSZbvI8xIRrUddd%2B%2FMUekEmZKfa93YtuGzKO3HjZbEJYruMjs5Tpe5GrMTLlUn44QncGqqhC6YwbGs%2F1FoPnb6LwE%2BF4IiCMedvHq3nIzKhjYClX8UvfPreV%2BfcJN3H%2F9Zy4NvdSoSsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318ded9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
exact-gravity-utm-listener.js
gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/exact-gravity-utm-listener.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10ce297c1e36d507f36d07f67cafa26f16209db229766343b4fcf1b47acfdc01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2019 21:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ce318cb-921"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoAYu7Aul0%2BYamsBU0V9lPLmiDFVK5rm8z1VqjMZcYj9Nh7sEKDx7711fycFhbufkn%2FMHkXWEp2beOhnKN%2BT19CpPl%2Boqw%2Fx1F9EJ2RYMGNcBpXCx4QH3NioREg3dKumtPj2s3dhDQT%2F8wU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318dee9c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
exact-gravity-public.js
gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/plugins/exactgravity/lib/Gravity/public/js/exact-gravity-public.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3fc9ab91243faaaee70540ec93fcc11c7791b82b27a91b0ee80087774e81127

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2019 21:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ce318cb-98e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsKVC49lCQCXShDVgpN1fVJWYcCrrXYTJX8bhnhQGT%2FF4PWM6l81H3dl5TFj2kWW2B2U1I48lc3rpiHwzrmYEaH0YovjtE13t3IyzpdptBUu6MHfpitBOmwibZ0g2UWe42l8U%2BRKnkQ2jHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318df09c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lp-monitor.js
gouma.wpenginepowered.com/wp-content/themes/cyprus/assets/js/vendor/liveperson/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/themes/cyprus/assets/js/vendor/liveperson/lp-monitor.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f22afc2063caaf832aa2cecffad46706857f77739849d7032cd632d4c3ca0f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2019 21:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ce318cb-e78"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RG208tEcyH%2BlP2rCtudyG8K7cOVjdzEONOYpR51Af%2BuyLI0O3B9ueb6myb8trCp%2Ff1Nfi%2FBESVP6o2AviHd8782dZAbTkFIq0eETx35mLVX41aD1rBj9Edd%2FIFutQnnD6cZpvwF4yEDOjng%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318df19c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
runtime~bundle.min.js
gouma.wpenginepowered.com/wp-content/themes/cyprus/public/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gouma.wpenginepowered.com/wp-content/themes/cyprus/public/runtime~bundle.min.js
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
911b07404d738b9dfe3408f9adff477094bed834eec85dceeff2fbd24073b200

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 20 May 2019 21:14:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5ce318cb-5a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxYbOfMskIjUFPWKSyqKSNsmJmW9F4kcuIABQZ8nHh7iil74Y88RkekgusiPG8V4IZoOrQRe%2BIAjivs34l5iCk5PC9Y6XwM06X4rCnlrBzz6q0JrAIupmjm%2Fb4y469dORegrLky9WZrFyls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
76ddad318df29c06-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gtm.js
www.googletagmanager.com/ 		126 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9R7C2G
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf92de60da3d9a73ebdcdf302d0b7f7df2f9d8254540860d004d94995815533d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48821
x-xss-protection
0
last-modified
Tue, 22 Nov 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Nov 2022 00:51:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1036698593/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1036698593/?random=1669078285054&cv=9&fst=1669078285054&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=edu_pid%3D%3Bedu_plocid%3D%3Bedu_pagetype%3D%3Bedu_totalvalue%3D0&frm=0&url=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&tiba=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1cae7fb86d6d512f821627c78b182252e0db82cb2a85b5bcbc1a355fc18ccd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
996
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1036698593/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1036698593/?random=1669078285054&cv=9&fst=1669075200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=edu_pid%3D%3Bedu_plocid%3D%3Bedu_pagetype%3D%3Bedu_totalvalue%3D0&frm=0&url=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&tiba=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&fmt=3&is_vtc=1&random=4207082051&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1036698593/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1036698593/?random=1669078285054&cv=9&fst=1669075200000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=edu_pid%3D%3Bedu_plocid%3D%3Bedu_pagetype%3D%3Bedu_totalvalue%3D0&frm=0&url=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&tiba=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&fmt=3&is_vtc=1&random=4207082051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9R7C2G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 21 Nov 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5731
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 22 Nov 2022 01:15:54 GMT
js
www.googletagmanager.com/gtag/ 		222 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WW640GQ3YD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9R7C2G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6df87688f92dc9e71197cbf95ece5fad4d6ddaf487c461c5fbf5861c762eb723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78169
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Nov 2022 00:51:25 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1525874082&t=pageview&_s=1&dl=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&ul=en-us&de=UTF-8&dt=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=332795463&gjid=1971099768&cid=1832792336.1669078285&tid=UA-53384507-1&_gid=1720646463.1669078285&_r=1&gtm=2wgb90K9R7C2G&z=130100306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.ultimatemedical.edu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.ultimatemedical.edu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WW640GQ3YD&gtm=2oeb90&_p=1525874082&_gaz=1&cid=1832792336.1669078285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669078285&sct=1&seg=0&dl=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&dt=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WW640GQ3YD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.ultimatemedical.edu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WW640GQ3YD&cid=1832792336.1669078285&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WW640GQ3YD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.ultimatemedical.edu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WW640GQ3YD&cid=1832792336.1669078285&gtm=2oeb90&aip=1&z=1296015784
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-53384507-1&cid=1832792336.1669078285&jid=332795463&gjid=1971099768&_gid=1720646463.1669078285&_u=YEBAAEAAAAAAACAAI~&z=220259543
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.ultimatemedical.edu/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 22 Nov 2022 00:51:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.ultimatemedical.edu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53384507-1&cid=1832792336.1669078285&jid=332795463&_u=YEBAAEAAAAAAACAAI~&z=2017866239
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-53384507-1&cid=1832792336.1669078285&jid=332795463&_u=YEBAAEAAAAAAACAAI~&z=2017866239
Requested by
Host: go.ultimatemedical.edu
URL: https://go.ultimatemedical.edu/refer/?utm_source=email-signature
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=13994122
Requested by
Host: gouma.wpenginepowered.com
URL: https://gouma.wpenginepowered.com/wp-content/themes/cyprus/assets/js/vendor/liveperson/lp-monitor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=300; includeSubDomains
last-modified
Thu, 03 Sep 2020 08:27:49 GMT
server
ws
etag
"5f50a905-1d8f"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7567
.jsonp
lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/ 		295 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Requested by
Host: gouma.wpenginepowered.com
URL: https://gouma.wpenginepowered.com/wp-content/themes/cyprus/assets/js/vendor/liveperson/lp-monitor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
8101f1fcacdb7effa383a52a587369eb48c8fa91182d7c96d87841301ea2afb7
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:25 GMT
strict-transport-security
max-age=300; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
/
accdn.lpsnmedia.net/api/account/13994122/configuration/setting/accountproperties/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/13994122/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
eb7551da148328e76df1fe127f28b5d4101fe34b6c41acdaec8ae45978646365
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Nov 2022 00:52:26 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:24 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
zones
accdn.lpsnmedia.net/api/account/13994122/configuration/le-campaigns/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/13994122/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
2dbd546ee8dedc136c2459e3898d66f8f7ef1ff43b6c76ac635b1d1778d02f0b
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Tue, 22 Nov 2022 00:52:26 GMT
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ 		961 KB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:03:25 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ Frame E438 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fgo.ultimatemedical.edu&site=13994122&env=prod&isCrossDomain=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://go.ultimatemedical.edu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 00:51:26 GMT
expires
Wed, 22 Nov 2023 00:51:26 GMT
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-cache-status
HIT
x-content-type-options
nosniff
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fgo.ultimatemedical.edu&site=13994122&force=1&env=prod&isCrossDomain=true
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.98 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
am-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 03 Nov 2022 22:00:32 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Wed, 22 Nov 2023 00:51:26 GMT
refererrestrictions
accdn.lpsnmedia.net/api/account/13994122/configuration/domainprotection/ Frame E438 		113 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/13994122/configuration/domainprotection/refererrestrictions?cb=lpCb37142x24987
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fgo.ultimatemedical.edu&site=13994122&env=prod&isCrossDomain=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo-accdn.lpsnmedia.net
Software
ws /
Resource Hash
ae265809d0f8f14bb755bb08cf16c2cc979e9efbcd205df45e4117669cac6988
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpcdn.lpsnmedia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:26 GMT
strict-transport-security
max-age=99999999999; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
MISS
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
x-envoy-upstream-service-time
104
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
postmessage.min.html
va.idp.liveperson.net/postmessage/ Frame C3FD 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1669078287424&loc=https%3A%2F%2Fgo.ultimatemedical.edu
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.idp.liveperson.net
Software
ws /
Resource Hash
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://go.ultimatemedical.edu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
content-encoding
gzip
content-type
text/html
date
Tue, 22 Nov 2022 00:51:27 GMT
etag
W/"5f2ff440-2a51"
last-modified
Sun, 09 Aug 2020 13:04:00 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
authorize
va.idp.liveperson.net/api/account/13994122/anonymous/ Frame C3FD 		678 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.idp.liveperson.net/api/account/13994122/anonymous/authorize?__d=27201
Requested by
Host: va.idp.liveperson.net
URL: https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1669078287424&loc=https%3A%2F%2Fgo.ultimatemedical.edu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.15.170 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.idp.liveperson.net
Software
ws /
Resource Hash
0a753f765eb0ac4bb7daf44206e6dc69568a8c39aad62c9d5d50718a1289ea28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

LP-DOMAIN-REFERER
https://go.ultimatemedical.edu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
*/*
Referer
https://va.idp.liveperson.net/postmessage/postmessage.min.html?bust=1669078287424&loc=https%3A%2F%2Fgo.ultimatemedical.edu
X-Requested-With
XMLHttpRequest
LP-URL
https://go.ultimatemedical.edu/refer/?utm_source=email-signature

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/json
access-control-allow-origin
https://va.idp.liveperson.net
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
content-length
678
13994122
va.v.liveperson.net/api/js/ 		246 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/13994122?&cb=lpCb21663x84009&t=sp&ts=1669078287418&pid=9183518621&tid=8136478220&pt=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&u=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%2C%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%2C%22sub%22%3A%2206422415-a8be-477d-8224-15a8bef77ddc%22%2C%22account%22%3A%2213994122%22%7D%5D
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
14dca46436846f235feb64ddbc2a676d435f2d4a7992e143456ae1df1149a4da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:28 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
13994122
va.v.liveperson.net/api/js/ 		40 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/13994122?sid=7TnRikbgRT2zYsyg9_CFQQ&cb=lpCb9700x4868&t=uc&ts=1669078286204&pid=9183518621&tid=8136478220&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LP_DIV_1432733350793%22%7D%5D&vid=MxYjZhMDEyMjY5ZjQyOTYx
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
1723bcc81c8fade8edcdecca9e746cdd6da8496c0e57931302bab459afe23183

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:29 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
13994122
va.v.liveperson.net/api/js/ 		111 B
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/13994122?sid=7TnRikbgRT2zYsyg9_CFQQ&cb=lpCb59565x71082&t=pl&ts=1669078288279&pid=9183518621&tid=8136478220&vid=MxYjZhMDEyMjY5ZjQyOTYx
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/13994122/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&b=undefined
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
54fddbe69de5ebfd9001a651883ea0cc0ff5ac02275d3835f3ea75c7face8dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 00:51:29 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-WW640GQ3YD&gtm=2oeb90&_p=1525874082&cid=1832792336.1669078285&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1669078285&sct=1&seg=0&dl=https%3A%2F%2Fgo.ultimatemedical.edu%2Frefer%2F%3Futm_source%3Demail-signature&dt=Refer%20UMA%20%7C%20Ultimate%20Medical%20Academy&en=scroll&epn.percent_scrolled=90&_et=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WW640GQ3YD&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.ultimatemedical.edu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Nov 2022 00:51:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.ultimatemedical.edu
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

151 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery object| gf_global object| dataLayer object| google_tag_params object| google_conversion_id object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_tag_data object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments undefined| value undefined| value2 object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format object| gform undefined| __gf_keyup_timeout function| renderRecaptcha function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar object| gfMultiFileUploader function| cookie object| utm_listener object| lpTag object| webpackJsonp object| jQuery1112028610237923924475 function| _typeof function| _extends object| lpTaglogListeners object| proxyless object| lpMTagConfig function| createFrameworkGlobals object| liveperson function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| __core-js_shared__ object| lpIntlTelInputUtils object| lpIntlTelInputGlobals

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ultimatemedical.edu/ Name: _gid
Value: GA1.2.1720646463.1669078285
.ultimatemedical.edu/ Name: _gat_UA-53384507-1
Value: 1
.ultimatemedical.edu/ Name: _ga_WW640GQ3YD
Value: GS1.1.1669078285.1.0.1669078285.60.0.0
.ultimatemedical.edu/ Name: _ga
Value: GA1.1.1832792336.1669078285
go.ultimatemedical.edu/ Name: gravity_utm_source
Value: email-signature
.ultimatemedical.edu/ Name: LPVID
Value: MxYjZhMDEyMjY5ZjQyOTYx
.ultimatemedical.edu/ Name: LPSID-13994122
Value: 7TnRikbgRT2zYsyg9_CFQQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ajax.googleapis.com
go.ultimatemedical.edu
googleads.g.doubleclick.net
gouma.wpenginepowered.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
referuma.com
region1.analytics.google.com
stats.g.doubleclick.net
va.idp.liveperson.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.referuma.com
www.ultimatemedical.edu
141.193.213.11
142.250.185.162
178.249.101.98
178.249.97.23
178.249.97.99
2001:4860:4802:34::36
208.89.12.87
208.89.15.170
2a00:1450:4001:800::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c07::9d
2a05:d014:275:cb00:ce75:162:d945:5f34
54.144.206.27
0a753f765eb0ac4bb7daf44206e6dc69568a8c39aad62c9d5d50718a1289ea28
0bd6c704f22ed2da38fcd5c2eadd9876364dfe2c16e20f04324bc9f2efdfc2de
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
10ce297c1e36d507f36d07f67cafa26f16209db229766343b4fcf1b47acfdc01
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
14dca46436846f235feb64ddbc2a676d435f2d4a7992e143456ae1df1149a4da
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1723bcc81c8fade8edcdecca9e746cdd6da8496c0e57931302bab459afe23183
1b607517643aced96d23c9372f7b12617d838c74fdc0a13c4baf1b6111020ca7
1f22afc2063caaf832aa2cecffad46706857f77739849d7032cd632d4c3ca0f2
27c9487edebcf50602888db4178566d1c41b930220c32d06293e4e28346a33e8
2dbd546ee8dedc136c2459e3898d66f8f7ef1ff43b6c76ac635b1d1778d02f0b
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2f6c63fb75d5dcc042026f25d59a98242c308ba514cfea9c0beccb18869321aa
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
54fddbe69de5ebfd9001a651883ea0cc0ff5ac02275d3835f3ea75c7face8dc1
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
639fcd75ad19240531093db9d079f4be79913034b5ce3a7ae0b4006735f1fb2f
6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331
6df87688f92dc9e71197cbf95ece5fad4d6ddaf487c461c5fbf5861c762eb723
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f1c970c300c14d218675005aaf506b0a4a0c06a39ef3d09645e8911331b0a0b
8101f1fcacdb7effa383a52a587369eb48c8fa91182d7c96d87841301ea2afb7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
911b07404d738b9dfe3408f9adff477094bed834eec85dceeff2fbd24073b200
9811b03de2dbc058ba57a29de9a83b88a39352dd4e1dc1dd5fa383233dbad1e4
a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04
ae265809d0f8f14bb755bb08cf16c2cc979e9efbcd205df45e4117669cac6988
b015dc26d28ccb2553f64e16baa6038c273d324cb3d1b5908aa94bd97f64d505
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6725cb56b6579928d388c4372bf1b54edbb9029f7683eebc71fc10350b563ac
bf92de60da3d9a73ebdcdf302d0b7f7df2f9d8254540860d004d94995815533d
c7deb5defd711fa044fb6b9bb0cf662d5274334b873343d6b5d1368c05d89d56
c8cd0b0d514cecdaf4e7214325a70bba9bae301e156265bd0d880f9065d1d183
cac20faab062d134643a1f5de8485b4f3c993896efb270fc61a6df8b62321aaf
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
d3fc9ab91243faaaee70540ec93fcc11c7791b82b27a91b0ee80087774e81127
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1cae7fb86d6d512f821627c78b182252e0db82cb2a85b5bcbc1a355fc18ccd6
e202ad97409c9aff470802853609ee2e3c8b3c38d81d71022ebadd4caed7e854
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e828282e92509efc0f7bc57888382c5816bd403e0abbb685eda5c4372cc7daa5
eb7551da148328e76df1fe127f28b5d4101fe34b6c41acdaec8ae45978646365
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd93a4c9a4a36e674c6eeb1320e044618ab39eb11670545eaf9cd5c6fad67453