Submitted URL: https://links.healthnewsletters.com/a/2011/click/1162/2174254/05a4812951b1a6740ad7cfe4cd08382650ed515d/d4da2b4b3f88bac7947608e4a252b...
Effective URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8c...
Submission: On August 08 via api from US

Summary

This website contacted 11 IPs in 4 countries across 16 domains to perform 24 HTTP transactions. The main IP is 192.135.136.170, located in United States and belongs to AGORA - Monument & Cathedral Holdings, Inc., US. The main domain is pro.whydoctorslie.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 7th 2018. Valid for: 2 years.
This is the only time pro.whydoctorslie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 18.203.12.171 16509 (AMAZON-02)
1 4 192.135.136.170 11372 (AGORA)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2600:9000:200... 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.101.14.110 54113 (FASTLY)
24 11
Domain Requested by
6 files.admin.newmarkethealth.com pro.whydoctorslie.com
4 pro.whydoctorslie.com 1 redirects pro.whydoctorslie.com
3 nmhfiles.com pro.whydoctorslie.com
2 c.lytics.io pro.whydoctorslie.com
2 fonts.gstatic.com pro.whydoctorslie.com
2 www.google-analytics.com 1 redirects pro.whydoctorslie.com
2 fonts.googleapis.com pro.whydoctorslie.com
1 js-agent.newrelic.com pro.whydoctorslie.com
1 www.google.de pro.whydoctorslie.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com pro.whydoctorslie.com
1 tracking.undergroundcures6.com 1 redirects
1 links.healthnewsletters.com 1 redirects
0 bam.nr-data.net Failed pro.whydoctorslie.com
0 code.jquery.com Failed pro.whydoctorslie.com
24 16

This site contains no links.

Subject | Issuer | Validity | Valid
ordertracking.pubsvs.com | Entrust Certification Authority - L1K | 2018-11-07 - 2020-07-21 | 2 years
ssl901312.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-14 - 2019-11-20 | 6 months
*.googleapis.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
files.iris.pubsvs.com | Entrust Certification Authority - L1K | 2019-05-02 - 2020-01-23 | 9 months
*.google.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
www.google.de | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months
ssl379818.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-07-26 - 2020-02-01 | 6 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year

This page contains 1 frames:

Primary Page: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Frame ID: 821BECC6DD5EAFC24174425DB643B49D
Requests: 24 HTTP requests in this frame

Page Statistics

Requests: 24
HTTPS: 92 %
IPv6: 79 %
Domains: 16
Subdomains: 16
IPs: 11
Countries: 4
Transfer: 1334 kB
Size: 1633 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.healthnewsletters.com/a/2011/click/1162/2174254/05a4812951b1a6740ad7cfe4cd08382650ed515d/d4da2b4b3f88bac7947608e4a252b559373c3265 HTTP 302
    https://tracking.undergroundcures6.com/aff_c?offer_id=1739&aff_id=453&aff_sub=int HTTP 302
    https://pro.whydoctorslie.com/m/1165665/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98 HTTP 301
    https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=510828073&t=pageview&_s=1&dl=https%3A%2F%2Fpro.whydoctorslie.com%2Fp%2FNAH190109A%2FLNAHV1CA%2F%3Faid%3D453%26sid1%3Dint%26sid2%3D%26sid3%3D%26sid4%3D%26sid5%3D%26oid%3D1739%26tid%3D1023a863898b323ab8cc4882c23f98%26h%3Dtrue&ul=en-us&de=UTF-8&dt=Top%20Ivy%20League%20MD%20Exposes%20the%20Scary%20Link%20Between%E2%80%A6%20SEX%20and%20CANCER%20in%20People%20over%2060&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1564133656&gjid=151708052&cid=1267063935.1565282690&tid=UA-536812-22&_gid=1092711549.1565282690&_r=1&z=863747733 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_gid=1092711549.1565282690&gjid=151708052&_v=j78&z=863747733 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733&slf_rd=1&random=12675480

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/
Redirect Chain
  • https://links.healthnewsletters.com/a/2011/click/1162/2174254/05a4812951b1a6740ad7cfe4cd08382650ed515d/d4da2b4b3f88bac7947608e4a252b559373c3265
  • https://tracking.undergroundcures6.com/aff_c?offer_id=1739&aff_id=453&aff_sub=int
  • https://pro.whydoctorslie.com/m/1165665/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98
  • https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
137 KB
60 KB
Document
General
Full URL
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
f6ab4078c551a0f8b5809ef358b4b0b1f6ef76c05f41f2861b2490d4937ebf02

Request headers

Host
pro.whydoctorslie.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Cookie
1165665=1344813; BIGipServerIRIS_PROD_HTTPS_POOL=!jLLlVO8drcKi9hHuZJwzdqDQ3dZl1oZjszcYv5dHJFExAvqKNPL4GNZ3DMQ9KLCbdTMJv9EKLNK89BQ=

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
LNAHV1CA=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
Date
Thu, 08 Aug 2019 16:44:21 GMT
Content-Length
61236

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Set-Cookie
1165665=1344813; expires=Wed, 28-Aug-2019 16:44:21 GMT; path=/; HttpOnly BIGipServerIRIS_PROD_HTTPS_POOL=!jLLlVO8drcKi9hHuZJwzdqDQ3dZl1oZjszcYv5dHJFExAvqKNPL4GNZ3DMQ9KLCbdTMJv9EKLNK89BQ=; path=/; Httponly; Secure
Date
Thu, 08 Aug 2019 16:44:21 GMT
Content-Length
5744
Common.js
pro.whydoctorslie.com/p/Scripts/
2 KB
1 KB
Script
General
Full URL
https://pro.whydoctorslie.com/p/Scripts/Common.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
40134bb6c4d8e9ef13f8445026ea42decb5bb2b9c279f203b375aa3378de0b9a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 08 Aug 2019 16:44:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2017 21:07:14 GMT
ETag
"0adf48cd558d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1136
HideContent.js
pro.whydoctorslie.com/p/Scripts/
724 B
747 B
Script
General
Full URL
https://pro.whydoctorslie.com/p/Scripts/HideContent.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 08 Aug 2019 16:44:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2017 21:07:14 GMT
ETag
"0adf48cd558d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
466
jquery.min.js
code.jquery.com/
0
0

NmhVideoLib-latest.js
nmhfiles.com/videolib/
36 KB
8 KB
Script
General
Full URL
https://nmhfiles.com/videolib/NmhVideoLib-latest.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b64e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
41892115361abc2d3cfb4833c314c23b77a4c39ebbca85a2fb4302c677a7fc44

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 16:44:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 17 Sep 2018 19:36:20 GMT
server
cloudflare
age
6585
x-powered-by
PleskLin
etag
W/"5ba00234-914f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
5032f45de95bd6cd-FRA
expires
Thu, 08 Aug 2019 20:44:22 GMT
css
fonts.googleapis.com/
3 KB
617 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2b7caf43d9c84f7b05243a68e7bc41555f0b873a115a1e1c691f86bed97dd4d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 08 Aug 2019 16:44:22 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 08 Aug 2019 16:44:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 08 Aug 2019 16:44:22 GMT
css
fonts.googleapis.com/
5 KB
680 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1765050e6e590d416344984978c8611f20948551c9b8550f9fb53187413b6e44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 08 Aug 2019 16:44:22 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 08 Aug 2019 16:44:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Thu, 08 Aug 2019 16:44:22 GMT
gtm.js
www.googletagmanager.com/
122 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB3G9X5
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57e0a61b81a0aa03d3ff26203038f0e29014d549d24e6c90c2c423dd9f62e7df
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 16:44:22 GMT
content-encoding
br
last-modified
Thu, 08 Aug 2019 15:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
25004
x-xss-protection
0
expires
Thu, 08 Aug 2019 16:44:22 GMT
187wi.png
files.admin.newmarkethealth.com/images/
568 KB
569 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/187wi.png
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a07f4af8f1910f82dd2c07f36c0b4768cf858d699e5b952f30a33998c57df418

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 02:17:28 GMT
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Tue, 08 Jan 2019 20:19:44 GMT
server
AmazonS3
age
75660
etag
"7b459020a391b278efbcbce4ea3a00aa"
x-cache
Hit from cloudfront
x-amz-version-id
H2uOfiUjSqRj05hi7SOgVJeMIzG7f2QF
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
image/png
content-length
581649
x-amz-cf-id
oh4lxR4hg3WuGM9Kf7-oRSLXhpreQp--AKYSNtejZE-jny5sFtYNNg==
185wi.png
files.admin.newmarkethealth.com/images/
47 KB
47 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/185wi.png
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
759c9a0ad7973c10eb3e81fa50f3d15394137222eefb3f3b2c416ee3a3492f03

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 13 May 2019 22:04:24 GMT
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Tue, 08 Jan 2019 20:55:04 GMT
server
AmazonS3
age
25474
etag
"9c14f73d90bac44c7743179d86cc943d"
x-cache
Hit from cloudfront
x-amz-version-id
UEdNzSFuBBKHqkouUVY8kkyU6gPxgFI_
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
image/png
content-length
48129
x-amz-cf-id
oZMyF7MMOjCGbgOAyXR5j1e1l2ewwgKzSgmX2IjgP_b2VXD9Pr-fwQ==
370wi.png
files.admin.newmarkethealth.com/images/
151 KB
151 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/370wi.png
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31b2f301055976965d59eceba4ef90c07563a66a3b801e3853b78172a562750e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 02:50:29 GMT
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Tue, 08 Jan 2019 21:04:54 GMT
server
AmazonS3
age
75660
etag
"b34349a2311acb6e01ba28f81398dd71"
x-cache
Hit from cloudfront
x-amz-version-id
_0SH8KsnjN.V3xhWAuOS.FsI1suBtWVf
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
image/png
content-length
154235
x-amz-cf-id
SfoBw9Dbz9cw1_DbUKWQRYputMDaeX87v_ZOji2bJIsTNVaizxW3NA==
178pxp.jpg
files.admin.newmarkethealth.com/images/
4 KB
5 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/178pxp.jpg
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d97277ff0309a8bf143630b0560cd9cbc59b32719ad80a9e5decd1cb7cba793a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 01:30:14 GMT
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Mon, 05 Nov 2018 18:19:52 GMT
server
AmazonS3
age
75660
etag
"59536a54f39b357ffc77981cd58ddc53"
x-cache
Hit from cloudfront
x-amz-version-id
fnK3fSnBrO.UMy370IPc1.BnIRHTg8BV
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
image/jpeg
content-length
4428
x-amz-cf-id
l1JX77Q23DofG2KpnoLb5dLnueZNs7UeYdE81YJOs5BjGBspW_LegA==
177wi.png
files.admin.newmarkethealth.com/images/
278 KB
279 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/177wi.png
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
509b0ddc7cf844e32a0ca6434af0323ee6394fa392d55c789c3ca92c4ceca27d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 07:41:05 GMT
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jan 2019 13:49:01 GMT
server
AmazonS3
age
25474
etag
"07159c3b7d9639c014e07df1b9f3ef06"
x-cache
Hit from cloudfront
x-amz-version-id
hmAJHYNgiTcH3_NRq.nDsaLp91fvB4RY
status
200
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-type
image/png
content-length
284702
x-amz-cf-id
dWoSA4NpFrm-Tv87TOyXZZDz3kupYqFhy1d7aj3IAGdv_w8Ubj1chw==
162wi.png
files.admin.newmarkethealth.com/images/
115 KB
116 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/162wi.png
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e400:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c664789b84ef4f42aa8223259364cdb5aa7dc22d8fa184bfbf260ffa29e4de87

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
SfrmEEV6T7DcfsoKu6xfkK6cwM8Zytys
via
1.1 ae322f9f82b436687f3bcaf36433b2bb.cloudfront.net (CloudFront)
last-modified
Wed, 09 Jan 2019 13:49:01 GMT
server
AmazonS3
age
75660
etag
"6499c3e20b2939ad5da3848d52362de0"
x-cache
Hit from cloudfront
content-type
image/png
status
200
date
Wed, 07 Aug 2019 19:43:23 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2
accept-ranges
bytes
content-length
117786
x-amz-cf-id
_Im1s-kfsb6FWAOBxsVJiZNKZn2fZ_bOSlzj6-iNDVzPUHUSYqyN-g==
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
7061
date
Thu, 08 Aug 2019 14:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Thu, 08 Aug 2019 16:47:08 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
fonts.gstatic.com/s/robotocondensed/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYb9lecyU.woff2
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87b60a7315307d1b3c3230eff607b52bbf3d56a452aa68eb5bf50ede73bc517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed:700
Origin
https://pro.whydoctorslie.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 23 Jul 2019 04:02:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:17 GMT
server
sffe
age
1428113
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
10996
x-xss-protection
0
expires
Wed, 22 Jul 2020 04:02:56 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v18/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
49a1b4e1296645aa2f513c87a0e5fe56a305a7ed678c2f6499631ec1f3b35856
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Roboto+Condensed
Origin
https://pro.whydoctorslie.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 23 Jul 2019 04:02:56 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:48:22 GMT
server
sffe
age
1428113
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
10968
x-xss-protection
0
expires
Wed, 22 Jul 2020 04:02:56 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=510828073&t=pageview&_s=1&dl=https%3A%2F%2Fpro.whydoctorslie.com%2Fp%2FNAH190109A%2FLNAHV1CA%2F%3Faid%3D453%26sid1%3Dint%26sid2%3D%26sid3%3D%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_gid=1092711549.1565282690&gjid=151708052&_v=j78&z=863747733
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733&slf_rd=1&random=12675480
42 B
110 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733&slf_rd=1&random=12675480
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Aug 2019 16:44:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Aug 2019 16:44:49 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-22&cid=1267063935.1565282690&jid=1564133656&_v=j78&z=863747733&slf_rd=1&random=12675480
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lio.js
c.lytics.io/api/tag/e2033117b05d33611f34afb61aed4016/
45 KB
11 KB
Script
General
Full URL
https://c.lytics.io/api/tag/e2033117b05d33611f34afb61aed4016/lio.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05034e5640aa34328b4d2694f7eea011e8560f386e11caa00b4165b5687f2fa7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5032f50c2d8627a2-FRA
date
Thu, 08 Aug 2019 16:44:49 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
160
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Thu, 08 Aug 2019 18:44:49 GMT
nmhlytics.js
nmhfiles.com/lytics/
3 KB
1 KB
Script
General
Full URL
https://nmhfiles.com/lytics/nmhlytics.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b64e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
03ff835fbf1eca989c7d09c18f3f67d5ca597e2904b408b585bb0f1581e89051

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 16:44:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Jul 2018 14:26:40 GMT
server
cloudflare
age
3052
x-powered-by
PleskLin
etag
W/"5b4cab20-b33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
5032f50bdd19d6cd-FRA
expires
Thu, 08 Aug 2019 20:44:49 GMT
mc2em.js
nmhfiles.com/mc2em/
4 KB
1 KB
Script
General
Full URL
https://nmhfiles.com/mc2em/mc2em.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b64e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8d18fe23b4df4db9caded529c9f013b3eb3c1c31ecb528898c794021649f300c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 16:44:49 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 17:49:22 GMT
server
cloudflare
age
1943
x-powered-by
PleskLin
etag
W/"5b75b922-e9c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
5032f50bdd2ed6cd-FRA
expires
Thu, 08 Aug 2019 20:44:49 GMT
io.min.js
c.lytics.io/static/v2/
13 KB
6 KB
Script
General
Full URL
https://c.lytics.io/static/v2/io.min.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5465 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray
5032f50c4db527a2-FRA
date
Thu, 08 Aug 2019 16:44:49 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 26 Jun 2019 19:48:45 GMT
server
cloudflare
age
1425
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=7200
content-encoding
br
expires
Thu, 08 Aug 2019 18:44:49 GMT
nr-spa-1130.min.js
js-agent.newrelic.com/
34 KB
13 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1130.min.js
Requested by
Host: pro.whydoctorslie.com
URL: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce53889b85805db1d3a424a2252749ed3a377b400f4a03a709a6304c84116d03

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid=453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 08 Aug 2019 16:44:50 GMT
content-encoding
gzip
x-amz-request-id
43AD5D928B21EE01
x-cache
HIT
status
200
content-length
13148
x-amz-id-2
TedOPNhVK5oPXKODtO0aBqVT2c/RwkxBCUQNqPCmpbfgMcUHz9g6XG2fR4nl+vEfsS8sKUncIqY=
x-served-by
cache-fra19155-FRA
last-modified
Tue, 09 Jul 2019 23:52:08 GMT
server
AmazonS3
x-timer
S1565282690.000161,VS0,VE0
etag
"312761e7cd4a61f0ea2e2e6265f5f365"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1449
65387c3314
bam.nr-data.net/1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
https://code.jquery.com/jquery.min.js
Domain
bam.nr-data.net
URL
https://bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1130.54e767a&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=30350&ref=https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/&ap=32&be=2744&fe=30317&dc=30160&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1565282659672,%22n%22:0,%22f%22:2084,%22dn%22:2084,%22dne%22:2084,%22c%22:2084,%22ce%22:2084,%22rq%22:2085,%22rp%22:2330,%22rpe%22:2824,%22dl%22:2334,%22di%22:30160,%22ds%22:30160,%22de%22:30160,%22dc%22:30313,%22l%22:30313,%22le%22:30317%7D,%22navigation%22:%7B%7D%7D&fp=30161&fcp=30161&jsonp=NREUM.setToken


20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
object| dataLayer
object| google_tag_manager
function| __attachEventHandler
function| __detachEventHandler
function| __addUnloadEvent
function| __sendAjaxPost
function| __urlParameters
function| __setCookie
function| __getCookie
function| __getByClassName
number| __subscribeNowDelay
function| __showElements
object| __subscribeNowElements
function| __showSubscribeNow
object| NREUM
object| newrelic
function| __nr_require

12 Cookies

Domain/Path Name / Value
.whydoctorslie.com/ Name: seerses
Value: e
.whydoctorslie.com/ Name: seerid
Value: 82621.13997997668
.pro.whydoctorslie.com/ Name: nmhltName
Value: null
.pro.whydoctorslie.com/ Name: nmhltEmail
Value: null
.whydoctorslie.com/ Name: _gat
Value: 1
.pro.whydoctorslie.com/ Name: seerses
Value: e
.pro.whydoctorslie.com/ Name: seerid
Value: 82621.13997997668
.pro.whydoctorslie.com/ Name: nmhltLastname
Value: null
.whydoctorslie.com/ Name: _gid
Value: GA1.2.1092711549.1565282690
.whydoctorslie.com/ Name: _ga
Value: GA1.2.1267063935.1565282690
.pro.whydoctorslie.com/ Name: nmhltFirstname
Value: null
pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA Name: https://pro.whydoctorslie.com/p/NAH190109A/LNAHV1CA/?aid
Value: 453&sid1=int&sid2=&sid3=&sid4=&sid5=&oid=1739&tid=1023a863898b323ab8cc4882c23f98&h=true=visited

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
