urlscan.io logo urlscan.io
SecurityTrails logo

hillcrest.com Open in urlscan Pro
209.182.203.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hillcrest.com/
Effective URL: https://hillcrest.com/
Submission: On August 08 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 1 countries across 20 domains to perform 106 HTTP transactions. The main IP is 209.182.203.61, located in United States and belongs to INMOTION, US. The main domain is hillcrest.com. The Cisco Umbrella rank of the primary domain is 811036.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 29th 2022. Valid for: 3 months.
This is the only time hillcrest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 38 209.182.203.61 22611 (INMOTION)
1 1 54.230.202.5 16509 (AMAZON-02)
2 54.230.202.109 16509 (AMAZON-02)
2 54.230.160.114 16509 (AMAZON-02)
23 13.89.105.76 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 23.78.205.184 16625 (AKAMAI-AS)
9 151.101.66.217 54113 (FASTLY)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.0.165.180 7160 (NETDYNAMICS)
1 2607:f8b0:400... 15169 (GOOGLE)
3 13.84.36.2 8075 (MICROSOFT...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 5 15.197.193.217 16509 (AMAZON-02)
2 40.78.229.32 8075 (MICROSOFT...)
2 2 3.208.136.8 14618 (AMAZON-AES)
2 2 68.67.179.87 29990 (ASN-APPNEX)
1 1 8.43.72.97 26667 (RUBICONPR...)
4 52.1.106.123 14618 (AMAZON-AES)
106 18
38    209.182.203.61 (United States)

ASN22611 (INMOTION, US)
PTR: cc3842.inmotionhosting.com
hillcrest.com
ardenthealthsolutions.com
setonharkerheights.net
1    54.230.202.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-202-5.msp50.r.cloudfront.net
scripts.cip.healthgrades.com
2    54.230.202.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-202-109.msp50.r.cloudfront.net
script-app.mercuryhealthcare.com
2    54.230.160.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-160-114.ewr53.r.cloudfront.net
js.adsrvr.org
23    13.89.105.76 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
medchatapp.com
1    2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2607:f8b0:4006:809::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:808::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2607:f8b0:4006:823::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    23.78.205.184 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-205-184.deploy.static.akamaitechnologies.com
img.en25.com
img04.en25.com
9    151.101.66.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
4    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    142.0.165.180 (United States)

ASN7160 (NETDYNAMICS, US)
s2153014.t.eloqua.com
1    2607:f8b0:4006:80a::200e (New York, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    13.84.36.2 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
shared-assets.medchatapp.com
3    2607:f8b0:4006:80f::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
5    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
2    40.78.229.32 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    3.208.136.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-136-8.compute-1.amazonaws.com
dpm.demdex.net
2    68.67.179.87 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    52.1.106.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-106-123.compute-1.amazonaws.com
events.launchdarkly.com
Apex Domain
Subdomains		 Transfer
31 hillcrest.com
hillcrest.com — Cisco Umbrella Rank: 811036
1 MB
26 medchatapp.com
medchatapp.com — Cisco Umbrella Rank: 92625
shared-assets.medchatapp.com — Cisco Umbrella Rank: 142249
1 MB
13 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 1575
events.launchdarkly.com — Cisco Umbrella Rank: 1221
4 KB
7 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1298
insight.adsrvr.org — Cisco Umbrella Rank: 619
match.adsrvr.org — Cisco Umbrella Rank: 381
7 KB
6 ardenthealthsolutions.com
ardenthealthsolutions.com — Cisco Umbrella Rank: 268155
218 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 501
www.google.com — Cisco Umbrella Rank: 10
1016 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
585 B
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
175 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 238
2 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 188
2 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 635
281 B
2 eloqua.com
s2153014.t.eloqua.com — Cisco Umbrella Rank: 372689
1 KB
2 en25.com
img.en25.com — Cisco Umbrella Rank: 5393
img04.en25.com — Cisco Umbrella Rank: 14738
9 KB
2 mercuryhealthcare.com
script-app.mercuryhealthcare.com — Cisco Umbrella Rank: 50348
12 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
912 B
1 setonharkerheights.net
setonharkerheights.net
78 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 healthgrades.com
scripts.cip.healthgrades.com — Cisco Umbrella Rank: 53277
256 B
106 20
Domain Requested by
31 hillcrest.com 1 redirects hillcrest.com
23 medchatapp.com hillcrest.com
medchatapp.com
9 app.launchdarkly.com medchatapp.com
6 ardenthealthsolutions.com hillcrest.com
ardenthealthsolutions.com
4 events.launchdarkly.com medchatapp.com
4 match.adsrvr.org js.adsrvr.org
4 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
4 www.google-analytics.com hillcrest.com
www.google-analytics.com
3 www.google.com hillcrest.com
3 shared-assets.medchatapp.com medchatapp.com
3 www.googletagmanager.com hillcrest.com
www.googletagmanager.com
2 ib.adnxs.com 2 redirects
2 dpm.demdex.net 2 redirects
2 dc.services.visualstudio.com medchatapp.com
2 s2153014.t.eloqua.com 1 redirects hillcrest.com
2 js.adsrvr.org hillcrest.com
match.adsrvr.org
2 script-app.mercuryhealthcare.com hillcrest.com
www.googletagmanager.com
1 pixel.rubiconproject.com 1 redirects
1 insight.adsrvr.org 1 redirects
1 analytics.google.com www.googletagmanager.com
1 img04.en25.com hillcrest.com
1 img.en25.com hillcrest.com
1 setonharkerheights.net hillcrest.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com hillcrest.com
1 scripts.cip.healthgrades.com 1 redirects
106 26
Subject Issuer Validity Valid
hillcrest.com
cPanel, Inc. Certification Authority		 2022-05-29 -
2022-08-27		 3 months crt.sh
ardenthealthsolutions.com
cPanel, Inc. Certification Authority		 2022-06-20 -
2022-09-18		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.medchatapp.com
Go Daddy Secure Certificate Authority - G2		 2021-12-24 -
2022-12-22		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
setonharkerheights.net
cPanel, Inc. Certification Authority		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.en25.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-18		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-12-24 -
2023-01-25		 a year crt.sh
script-app.mercuryhealthcare.com
Amazon		 2022-03-25 -
2023-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2022-06-22 -
2023-06-22		 a year crt.sh
events.launchdarkly.com
Amazon		 2021-09-19 -
2022-10-17		 a year crt.sh

This page contains 7 frames:

Primary Page: https://hillcrest.com/
Frame ID: 1CF59473D9C9DAC1043B7078692B7845
Requests: 63 HTTP requests in this frame

Frame: https://medchatapp.com/widget-launcher/
Frame ID: 49F5C41B5932E3A8AAA68257EF430EBF
Requests: 11 HTTP requests in this frame

Frame: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Frame ID: 32179211F1D4CA186643CB60250830C9
Requests: 20 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
Frame ID: 505E14A4BA37D23E5C7F915D71A56B86
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 96F7C4AECB8E354EBE90FD51E681F5C6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2096942523085981458&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
Frame ID: 57E6C3AAE0BE51DD1C503ACF6077D162
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 41EB0EDFFBBF9B9BE6C2E2EF5692877C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hospital Leaders in Oklahoma | Hillcrest HealthCare System

Page URL History Show full URLs

  1. http://hillcrest.com/ HTTP 301
    https://hillcrest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

106
Requests

98 %
HTTPS

32 %
IPv6

20
Domains

26
Subdomains

18
IPs

1
Countries

3145 kB
Transfer

7212 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hillcrest.com/ HTTP 301
    https://hillcrest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://scripts.cip.healthgrades.com/hgcrm-utm-v1.0.js HTTP 301
  • https://script-app.mercuryhealthcare.com/hgcrm-utm-v1.0.js
Request Chain 54
  • https://s2153014.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled HTTP 302
  • https://s2153014.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled&elqCookie=1
Request Chain 74
  • https://insight.adsrvr.org/track/up?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
Request Chain 84
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Request Chain 85
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D3713030e-b64b-415a-a7ef-d939a9e52155 HTTP 302
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2096942523085981458&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
Request Chain 86
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

106 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hillcrest.com/
Redirect Chain
  • http://hillcrest.com/
  • https://hillcrest.com/
30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
1674eaeb68a0b27a8b2edcef290701a27b2762906d131fbbcba39365df506f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
public, max-age=86400
Connection
Keep-Alive
Content-Language
en
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Aug 2022 20:51:41 GMT
Etag
"1659990724-0"
Expires
Sun, 19 Nov 1978 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Mon, 08 Aug 2022 20:32:04 GMT
Permissions-Policy
interest-cohort=()
Server
Apache
Transfer-Encoding
chunked
Vary
Cookie
X-Content-Type-Options
nosniff
X-Drupal-Cache
HIT
X-Frame-Options
SAMEORIGIN

Redirect headers

Cache-Control
max-age=1209600
Connection
Keep-Alive
Content-Length
230
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 08 Aug 2022 20:51:40 GMT
Expires
Mon, 22 Aug 2022 20:51:40 GMT
Keep-Alive
timeout=5, max=100
Location
https://hillcrest.com/
Server
Apache
X-Content-Type-Options
nosniff
all.css
ardenthealthsolutions.com/fonts/fontawesome/css/ 		57 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ardenthealthsolutions.com/fonts/fontawesome/css/all.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
f64f1268bdcebdb26e4b0c9ad0fe26b8b33a9b5688916edd11c6a9536f40e4a4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:43 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
58870
Expires
Thu, 1 Jan 1970 00:00:00 GMT
hgcrm-utm-v1.0.js
script-app.mercuryhealthcare.com/
Redirect Chain
  • https://scripts.cip.healthgrades.com/hgcrm-utm-v1.0.js
  • https://script-app.mercuryhealthcare.com/hgcrm-utm-v1.0.js
6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-app.mercuryhealthcare.com/hgcrm-utm-v1.0.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H2
Server
54.230.202.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-202-109.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bf700f048fa89a697e1f6d6bbfeed5990dd3d67a6a0ae1128f7738a13871d98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:44 GMT
via
1.1 8756ee1dc76a96c0b8819a41b02217c8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 00:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-C2
etag
"1dcfd98244f14d26c1bea4fd80241739"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
content-length
5903
x-amz-cf-id
vNCEUHAQzRpGxhy5dQRT4pS4hNY_sNl6oMsSTw3ihJFRSCK8GMxTSg==

Redirect headers

date
Mon, 08 Aug 2022 20:51:44 GMT
via
1.1 7c28d994d8c6b50be441c1bf800099c0.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
MSP50-C2
x-cache
Miss from cloudfront
location
https://script-app.mercuryhealthcare.com/hgcrm-utm-v1.0.js
content-length
0
x-amz-cf-id
Q6PeewNEyDXkFjDaLVy6nC5ISGmmsk0E6YgpX2AxjxbfvD7oxoFARw==
css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
hillcrest.com/sites/default/files/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1046
Expires
Mon, 22 Aug 2022 20:51:43 GMT
css_6yoTnOY3R4RbX6Sk_5_p-itng_jr9cEyW8YX5smYN6s.css
hillcrest.com/sites/default/files/css/ 		1 KB
929 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_6yoTnOY3R4RbX6Sk_5_p-itng_jr9cEyW8YX5smYN6s.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
eb2a139ce63747845b5fa4a4ff9fe9fa2b6783f8ebf5c1325bc617e6c99837ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
537
Expires
Mon, 22 Aug 2022 20:51:43 GMT
css_YJopD_IAX1PkLZ-rKwJAJMa1wYaCKOhkic0h0gm05c8.css
hillcrest.com/sites/default/files/css/ 		81 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_YJopD_IAX1PkLZ-rKwJAJMa1wYaCKOhkic0h0gm05c8.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
609a290ff2005f53e42d9fab2b024024c6b5c1868228e86489cd21d209b4e5cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8382
Expires
Mon, 22 Aug 2022 20:51:43 GMT
css_V-CJlP8ZFeQNgDzFeAIHf_Kc0agoXQrmrxjP4iLGZl4.css
hillcrest.com/sites/default/files/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_V-CJlP8ZFeQNgDzFeAIHf_Kc0agoXQrmrxjP4iLGZl4.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
57e08994ff1915e40d803cc57802077ff29cd1a8285d0ae6af18cfe222c6665e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1003
Expires
Mon, 22 Aug 2022 20:51:43 GMT
style.css
ardenthealthsolutions.com/fonts/vc/ 		14 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ardenthealthsolutions.com/fonts/vc/style.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
f425561d34fb6f5383c3d78a1375ac58f50ad4d992666a496192c867fa5582c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:43 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
14427
Expires
Thu, 1 Jan 1970 00:00:00 GMT
css_8ylG94_GRZuvmPEpYUBt-lVmnbXal105RxrB6WaWdto.css
hillcrest.com/sites/default/files/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_8ylG94_GRZuvmPEpYUBt-lVmnbXal105RxrB6WaWdto.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
f32946f78fc6459baf98f12961406dfa55669db5da975d39471ac1e9669676da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Jul 2022 19:03:49 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2243
Expires
Mon, 22 Aug 2022 20:51:43 GMT
css_GdIdNHqGq0XRqOFDEiWQfyPihdv2NSJp_53tU1g6Ryk.css
hillcrest.com/sites/default/files/css/ 		157 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/css/css_GdIdNHqGq0XRqOFDEiWQfyPihdv2NSJp_53tU1g6Ryk.css
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
19d21d347a86ab45d1a8e1431225907f23e285dbf6352269ff9ded53583a4729
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/css
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
26806
Expires
Mon, 22 Aug 2022 20:51:43 GMT
js_Rko9ugfYMgY_Kf316LtS6Bbb3aYRqwwnO-TxLFqcQEk.js
hillcrest.com/sites/default/files/js/ 		350 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_Rko9ugfYMgY_Kf316LtS6Bbb3aYRqwwnO-TxLFqcQEk.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
464a3dba07d832063f29fdf5e8bb52e816dbdda611ab0c273be4f12c5a9c4049
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
285
Expires
Mon, 22 Aug 2022 20:51:43 GMT
js_6wB7_RH3hNT_viZwOlvXgQ7bvciK-Mir9CVHAkENV64.js
hillcrest.com/sites/default/files/js/ 		129 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_6wB7_RH3hNT_viZwOlvXgQ7bvciK-Mir9CVHAkENV64.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
eb007bfd11f784d4ffbe26703a5bd7810edbbdc88af8c8abf4254702410d57ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 11 Jul 2022 13:26:16 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
45431
Expires
Mon, 22 Aug 2022 20:51:43 GMT
js_DaWOlSytFFAGLEEQe3Lws1ZpmFb7Da3Bk1FViMAhlII.js
hillcrest.com/sites/default/files/js/ 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_DaWOlSytFFAGLEEQe3Lws1ZpmFb7Da3Bk1FViMAhlII.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
0da58e952cad1450062c41107b72f0b356699856fb0dadc193515588c0219482
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18356
Expires
Mon, 22 Aug 2022 20:51:43 GMT
js_rsGiM5M1ffe6EhN-RnhM5f3pDyJ8ZAPFJNKpfjtepLk.js
hillcrest.com/sites/default/files/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_rsGiM5M1ffe6EhN-RnhM5f3pDyJ8ZAPFJNKpfjtepLk.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
aec1a23393357df7ba12137e46784ce5fde90f227c6403c524d2a97e3b5ea4b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1873
Expires
Mon, 22 Aug 2022 20:51:43 GMT
js_9mYwvMVRZuwhM5RNqePA9IvlSMh00SDPIZlFFEnEjNI.js
hillcrest.com/sites/default/files/js/ 		76 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_9mYwvMVRZuwhM5RNqePA9IvlSMh00SDPIZlFFEnEjNI.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
f66630bcc55166ec2133944da9e3c0f48be548c874d120cf2199451449c48cd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
17101
Expires
Mon, 22 Aug 2022 20:51:43 GMT
logo.png
hillcrest.com/sites/all/themes/oklahoma/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/logo.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
f92e550c3cdb1aa7ed4ccb6e51beaaacb047bb66e96aa75c1d7059d96193ccd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7255
Expires
Mon, 22 Aug 2022 20:51:43 GMT
Hillcrest-Mammo-1800-x-500.jpg
hillcrest.com/sites/default/files/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/Hillcrest-Mammo-1800-x-500.jpg
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
2b6635b27f47486e49f54cbc72dcb3f50e70ebe9c08b67e351c6228d3122293e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Jun 2022 17:09:56 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
126827
Expires
Mon, 22 Aug 2022 20:51:44 GMT
HHS%20-%20ODVV%20Web%20Banner%20.jpg
hillcrest.com/sites/default/files/ 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/HHS%20-%20ODVV%20Web%20Banner%20.jpg
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
271366c28abc195b450435a79811df5f5364efca1ee1eae3547935c0289de292
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Jun 2022 21:23:54 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
117781
Expires
Mon, 22 Aug 2022 20:51:44 GMT
Ortho-Web-Banner-10-21.jpg
hillcrest.com/sites/default/files/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/Ortho-Web-Banner-10-21.jpg
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
0e37de7b5a6fd041fc24f539c7339f3750d9762f59ecc454843b91d30f5ddc75
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Oct 2021 01:58:33 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
118880
Expires
Mon, 22 Aug 2022 20:51:44 GMT
hhs_virtual_care1800x500.png
hillcrest.com/sites/default/files/ 		558 KB
559 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/hhs_virtual_care1800x500.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
d32a841cf693b7d95e0aa4879c207762cff8ce13e909d01e3ac315e882ac0e91
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 May 2021 20:35:52 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
571763
Expires
Mon, 22 Aug 2022 20:51:44 GMT
hmc.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/hmc.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
c3934e2400f428461ab860eb555f475de41aa4302da2dd5c83285081440cae9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4930
Expires
Mon, 22 Aug 2022 20:51:44 GMT
south.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/south.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
ef1c8c8f56cdb70437db985faa2c7ff83c1bd1205f5dabebeff0253ecddcc7bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4737
Expires
Mon, 22 Aug 2022 20:51:44 GMT
claremore.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/claremore.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
e050c352917ca5a9cbfaf958009a6b153558d660c488529fa4129cf6f5d39acd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5006
Expires
Mon, 22 Aug 2022 20:51:44 GMT
cushing.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/cushing.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
84e17d9c9b6d40a361f1189b646b869ba584bdeb7845e4bbb64231b3cdc825c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4890
Expires
Mon, 22 Aug 2022 20:51:44 GMT
henryetta.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/henryetta.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
66983012d497cf81d228509c0e787b0d4692d2b11050db271216a6fb18c278d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4962
Expires
Mon, 22 Aug 2022 20:51:44 GMT
pryor.png
hillcrest.com/sites/default/files/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/pryor.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
5d5b0c05c3fa5c1e1a6700962d6327cd292fa4820f3a70ab725bbbd623f36e6a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13 May 2020 16:11:22 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8136
Expires
Mon, 22 Aug 2022 20:51:44 GMT
bailey.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/bailey.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
be572c8a4c5ccad2966cec3b5aff0ca1fccbb296cef7fc40a681ba1deb081cca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4625
Expires
Mon, 22 Aug 2022 20:51:44 GMT
ohi.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/ohi.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
49b818edcc6cd75dfd49b6f0c9ef326c02a9ed609481e28882a0f91aaeb088c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
4749
Expires
Mon, 22 Aug 2022 20:51:44 GMT
upc.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/upc.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
37c03ed2982f93c2694f26d86c72667c903b5a5ddf0111466d5623452eb31a34
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3802
Expires
Mon, 22 Aug 2022 20:51:44 GMT
tssh.png
hillcrest.com/sites/all/themes/oklahoma/img/logos/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/themes/oklahoma/img/logos/tssh.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
011691db443193612891ec3b4413290f49beefe563088a0c45cb47c0e243ba9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 04:22:33 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
14213
Expires
Mon, 22 Aug 2022 20:51:44 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 15:12:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
20353
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
JqQRlWo781XGkj96utLHIBfs_sE8NqP70OlOHAoY4r04wZPmbU9OXw==
js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js
hillcrest.com/sites/default/files/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hillcrest.com/sites/default/files/js/js_MRdvkC2u4oGsp5wVxBG1pGV5NrCPW3mssHxIn6G9tGE.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
31176f902daee281aca79c15c411b5a4657936b08f5b79acb07c489fa1bdb461
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 14 Jul 2022 14:15:35 GMT
Server
Apache
Vary
Accept-encoding
Content-Type
text/javascript
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2714
Expires
Mon, 22 Aug 2022 20:51:43 GMT
widget.js
medchatapp.com/widget/ 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/widget.js?api-key=sBvfarzciUOQPf0IJpS_gQ
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5b377794a258b339d59855eee5b49672e408a85a04ec232694a4d05ccf9e962e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:44 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
29055
expires
-1
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_GdIdNHqGq0XRqOFDEiWQfyPihdv2NSJp_53tU1g6Ryk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 19:53:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 08 Aug 2022 20:51:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Aug 2022 20:51:44 GMT
gtm.js
www.googletagmanager.com/ 		169 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGKD56J
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/js/js_Rko9ugfYMgY_Kf316LtS6Bbb3aYRqwwnO-TxLFqcQEk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3073e9776b91119f3c869a86dd3d0962ce861bc13733abf5718b0078f8d46906
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63379
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 18:57:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 20:51:44 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hillcrest.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 19:31:56 GMT
x-content-type-options
nosniff
age
436788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 19:31:56 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6563
date
Mon, 08 Aug 2022 19:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 08 Aug 2022 21:02:21 GMT
hillcrest_mychart.png
hillcrest.com/sites/default/files/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/default/files/hillcrest_mychart.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_GdIdNHqGq0XRqOFDEiWQfyPihdv2NSJp_53tU1g6Ryk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
72d8cb931ef51a83fa32d67ab5a1396a391ad3e3e191f5c1c2d7ee10e366b2af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/sites/default/files/css/css_GdIdNHqGq0XRqOFDEiWQfyPihdv2NSJp_53tU1g6Ryk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 09 Mar 2021 01:09:20 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
8679
Expires
Mon, 22 Aug 2022 20:51:44 GMT
fa-solid-900.woff2
ardenthealthsolutions.com/fonts/fontawesome/webfonts/ 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ardenthealthsolutions.com/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: ardenthealthsolutions.com
URL: https://ardenthealthsolutions.com/fonts/fontawesome/css/all.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ardenthealthsolutions.com/fonts/fontawesome/css/all.css
Origin
https://hillcrest.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Jul 2018 21:35:50 GMT
Server
Apache
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
62472
Expires
0
vc-banner-image.jpg
setonharkerheights.net/sites/default/files/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://setonharkerheights.net/sites/default/files/vc-banner-image.jpg
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_8ylG94_GRZuvmPEpYUBt-lVmnbXal105RxrB6WaWdto.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
aca9fa746bc7810910adbcca9ed227f34054657c6a029e27d07a687f6f38a4d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:45 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 06 Mar 2021 23:48:34 GMT
Server
Apache
Content-Type
image/jpeg
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
79203
Expires
Mon, 22 Aug 2022 20:51:45 GMT
full-circle.png
ardenthealthsolutions.com/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ardenthealthsolutions.com/images/full-circle.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_8ylG94_GRZuvmPEpYUBt-lVmnbXal105RxrB6WaWdto.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
369068e6933b72fa285cdcdcc6095738fa9b8fbaef6011fa6b612ee46198271b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11667
Expires
Thu, 1 Jan 1970 00:00:00 GMT
clipped-circle.png
ardenthealthsolutions.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ardenthealthsolutions.com/images/clipped-circle.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_8ylG94_GRZuvmPEpYUBt-lVmnbXal105RxrB6WaWdto.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
2481e2c0390cc6fbf6e53485ca2766e80d8d7dfb4663d22f3c4082d7986bc723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8846
Expires
Thu, 1 Jan 1970 00:00:00 GMT
fa-brands-400.woff2
ardenthealthsolutions.com/fonts/fontawesome/webfonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ardenthealthsolutions.com/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: ardenthealthsolutions.com
URL: https://ardenthealthsolutions.com/fonts/fontawesome/css/all.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ardenthealthsolutions.com/fonts/fontawesome/css/all.css
Origin
https://hillcrest.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 23 Jul 2018 21:35:50 GMT
Server
Apache
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
64144
Expires
0
md-arrow.png
hillcrest.com/sites/all/modules/md_slider/images/ 		290 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hillcrest.com/sites/all/modules/md_slider/images/md-arrow.png
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/css/css_YJopD_IAX1PkLZ-rKwJAJMa1wYaCKOhkic0h0gm05c8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.182.203.61 , United States, ASN22611 (INMOTION, US),
Reverse DNS
cc3842.inmotionhosting.com
Software
Apache /
Resource Hash
1d46e8c9310569702a97db3e54cbd006a1380a69ee2d89ba78e3cd19ca1ad8ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/sites/default/files/css/css_YJopD_IAX1PkLZ-rKwJAJMa1wYaCKOhkic0h0gm05c8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 20:51:44 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 02 Oct 2020 00:22:20 GMT
Server
Apache
Content-Type
image/png
Cache-Control
max-age=1209600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
290
Expires
Mon, 22 Aug 2022 20:51:44 GMT
elqCfg.min.js
img.en25.com/i/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.en25.com/i/elqCfg.min.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/sites/default/files/js/js_DaWOlSytFFAGLEEQe3Lws1ZpmFb7Da3Bk1FViMAhlII.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.205.184 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-205-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection
keep-alive
Content-Length
2183
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Wed, 22 Jun 2022 13:18:58 GMT
Date
Mon, 08 Aug 2022 20:51:45 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
no-store
ETag
"7795cda13a86d81:0"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Expires
Mon, 08 Aug 2022 20:51:45 GMT
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyJ9
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=sBvfarzciUOQPf0IJpS_gQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daa2af66c5f6dde17d1344248d40ac8b9ea665b9deda5ace07cf602f10b81875

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:45 GMT
content-encoding
gzip
vary
Authorization, Accept-Encoding
age
0
x-cache
HIT
content-length
873
x-served-by
cache-chi-klot8100079-CHI, cache-chi-klot8100145-CHI
access-control-allow-origin
*
x-timer
S1659991905.038465,VS0,VE0
etag
"720dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
6
collect
www.google-analytics.com/j/ 		4 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=613014804&t=pageview&_s=1&dl=https%3A%2F%2Fhillcrest.com%2F&ul=en-us&de=UTF-8&dt=Hospital%20Leaders%20in%20Oklahoma%20%7C%20Hillcrest%20HealthCare%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=792558017&gjid=1091492757&cid=1160554575.1659991905&tid=UA-12650531-1&_gid=1803827019.1659991905&_r=1&_slc=1&z=2079498272
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		200 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KQGCT5KWBG&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGKD56J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
25e84ef37c787d751b3480ab96af203944a1e9ea65821c02cb8a660cae473654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:45 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72961
x-xss-protection
0
expires
Mon, 08 Aug 2022 20:51:45 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-12650531-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGKD56J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca8673f06867f1948fa993311ae80a38106e5d0d158bc32b5e1dfe5cbb8118d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:45 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41925
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 18:57:30 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 08 Aug 2022 20:51:45 GMT
hgcrm-utm-v1.0.js
script-app.mercuryhealthcare.com/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script-app.mercuryhealthcare.com/hgcrm-utm-v1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGKD56J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.202.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-202-109.msp50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1bf700f048fa89a697e1f6d6bbfeed5990dd3d67a6a0ae1128f7738a13871d98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
via
1.1 8756ee1dc76a96c0b8819a41b02217c8.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 00:40:45 GMT
server
AmazonS3
x-amz-cf-pop
MSP50-C2
etag
"1dcfd98244f14d26c1bea4fd80241739"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
content-length
5903
x-amz-cf-id
TX_7uz-qNmIJkrJZ0P4pTXyKz6NNy8wIN-KRgP_BOcZZMp2R9paiew==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=613014804&t=event&ni=0&_s=1&dl=https%3A%2F%2Fhillcrest.com%2F&ul=en-us&de=UTF-8&dt=Hospital%20Leaders%20in%20Oklahoma%20%7C%20Hillcrest%20HealthCare%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=GTM-Banners-Shown&ea=homepage-banner-mammo&el=mammo-scheduling&ev=0&_u=aEDAAEABAAAAAC~&jid=612074918&gjid=1815198129&cid=1160554575.1659991905&tid=UA-12650531-1&_gid=1803827019.1659991905&_r=1&gtm=2wg830WGKD56J&z=1065388046
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.db33cde58b4694fd9372.css
medchatapp.com/widget/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/widget.db33cde58b4694fd9372.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=sBvfarzciUOQPf0IJpS_gQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:45 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
939
/
medchatapp.com/widget-launcher/ Frame 49F5 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=sBvfarzciUOQPf0IJpS_gQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8a863583b612cda1ebb55125bce25af086cc11fcc9122c19113bea44db7bc9ee

Request headers

Referer
https://hillcrest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type
access-control-allow-origin
*
content-encoding
gzip
content-length
918
content-type
text/html
date
Mon, 08 Aug 2022 20:51:45 GMT
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
sBvfarzciUOQPf0IJpS_gQ
medchatapp.com/widget/ Frame 3217 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/widget.js?api-key=sBvfarzciUOQPf0IJpS_gQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c5cd43e678b964a5ef86115597f34343f0ab43cf37fd701ca5df248b8fc9da9

Request headers

Referer
https://hillcrest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
999
content-type
text/html
date
Mon, 08 Aug 2022 20:51:45 GMT
etag
"0c244f3fa8d81:0"
expires
-1
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
collect
stats.g.doubleclick.net/j/ 		2 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=792558017&gjid=1091492757&_gid=1803827019.1659991905&_u=IEBAAEAAAAAAAC~&z=1848254975
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Aug 2022 20:51:46 GMT
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
svrGP.aspx
s2153014.t.eloqua.com/visitor/v200/
Redirect Chain
  • https://s2153014.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled
  • https://s2153014.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled&elqCookie=1
49 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s2153014.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled&elqCookie=1
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Server
142.0.165.180 , United States, ASN7160 (NETDYNAMICS, US),
Reverse DNS
Software
/
Resource Hash
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
image/gif
Date
Mon, 08 Aug 2022 20:51:46 GMT
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
X-Robots-Tag
noindex, nofollow
Content-Length
49
X-Xss-Protection
1; mode=block
Expires
-1

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Date
Mon, 08 Aug 2022 20:51:46 GMT
X-Robots-Tag
noindex, nofollow
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location
https://s2153014.t.eloqua.com/visitor/v200/svrGP.aspx?pps=3&siteid=2153014&ref2=elqNone&tzo=0&ms=206&optin=disabled&elqCookie=1
Cache-Control
no-store
Content-Type
text/html; charset=utf-8
Content-Length
268
X-Xss-Protection
1; mode=block
Expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=613014804&t=pageview&_s=1&dl=https%3A%2F%2Fhillcrest.com%2F&ul=en-us&de=UTF-8&dt=Hospital%20Leaders%20in%20Oklahoma%20%7C%20Hillcrest%20HealthCare%20System&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GDAAUABAAAAAC~&jid=630095530&gjid=664978367&cid=1160554575.1659991905&tid=UA-12650531-1&_gid=1803827019.1659991905&_r=1&gtm=2ou830&cd2=403be112-9bff-42b3-a3a0-48fa965b115b&cd1=1160554575.1659991905&z=732049057
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
elqCfg.min.js
img04.en25.com/i/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img04.en25.com/i/elqCfg.min.js
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.205.184 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-205-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
Content-Type
application/x-javascript
Last-Modified
Wed, 22 Jun 2022 13:18:58 GMT
ETag
"7795cda13a86d81:0"
P3P
CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control
no-store
Date
Mon, 08 Aug 2022 20:51:46 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
Content-Length
6080
X-XSS-Protection
1; mode=block
Expires
Mon, 08 Aug 2022 20:51:46 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=612074918&gjid=1815198129&_gid=1803827019.1659991905&_u=aEDAAEABAAAAAC~&z=1057805806
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Aug 2022 20:51:46 GMT
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KQGCT5KWBG&gtm=2oe830&_p=613014804&_z=ccd.v9B&_gaz=1&cid=1160554575.1659991905&ul=en-us&sr=1600x1200&_s=1&sid=1659991905&sct=1&seg=0&dl=https%3A%2F%2Fhillcrest.com%2F&dt=Hospital%20Leaders%20in%20Oklahoma%20%7C%20Hillcrest%20HealthCare%20System&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KQGCT5KWBG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KQGCT5KWBG&cid=1160554575.1659991905&gtm=2oe830&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KQGCT5KWBG&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runtime.e7abd1f9221a76f9.js
medchatapp.com/widget/ Frame 3217 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa470820624bdbeaee72537f4214d1480bedadf3a19669fb8d9839eb6ffebcd4

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
1898
polyfills.dc623d97118c097b.js
medchatapp.com/widget/ Frame 3217 		102 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8340f542ddddfe7dff939896f54ffb290d2411d08f66ae359852f815806caa24

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
36448
main.2652358f66cb7511.js
medchatapp.com/widget/ Frame 3217 		1 MB
326 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/main.2652358f66cb7511.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa3879489c2daf6b5483fd0bd02f8bebe39349c4ba0048c337e21ca31daceba4

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
332838
runtime.fb227d1a52e5a6d1.js
medchatapp.com/widget-launcher/ Frame 49F5 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/runtime.fb227d1a52e5a6d1.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
943
polyfills.ee34b270bafba9ee.js
medchatapp.com/widget-launcher/ Frame 49F5 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
38441
main.709a27cf04f5db33.js
medchatapp.com/widget-launcher/ Frame 49F5 		743 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/main.709a27cf04f5db33.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3d937038111427376f7750d905630b678c7be9df0824f03d90d1b2d44ae780f

Request headers

Referer
https://medchatapp.com/widget-launcher/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
218771
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=630095530&gjid=664978367&_gid=1803827019.1659991905&_u=6GDAAUABAAAAAC~&z=1045637497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hillcrest.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 08 Aug 2022 20:51:47 GMT
content-type
text/plain
access-control-allow-origin
https://hillcrest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles.557d03d47503c2b4.css
medchatapp.com/widget/ Frame 3217 		174 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/styles.557d03d47503c2b4.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c2e8a0e2e4bebca55caaba10a9b569e2027f0959b718184be723ff7ff2e5b7fd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
23479
styles.ff7718e9ec0e3510.css
medchatapp.com/widget-launcher/ Frame 49F5 		172 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/styles.ff7718e9ec0e3510.css
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1b3b2f9c1dae2131b581eaf12536e5f63fae723e553ba1abda9e6b414b4945a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medchatapp.com/widget-launcher/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
22953
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame 49F5 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
etag
"4a6d842ce0c8d61:0"
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame 3217 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?&hasWrapper=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:46 GMT
etag
"4a6d842ce0c8d61:0"
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=792558017&_u=IEBAAEAAAAAAAC~&z=1879761085
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=612074918&_u=aEDAAEABAAAAAC~&z=1632516452
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12650531-1&cid=1160554575.1659991905&jid=630095530&_u=6GDAAUABAAAAAC~&z=1164736953
Requested by
Host: hillcrest.com
URL: https://hillcrest.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hillcrest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 08 Aug 2022 20:51:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
match.adsrvr.org/track/upb/ Frame 505E
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
  • https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
2bbace284fdc7e472b84c22e467c574bf2bffae5493cb6c475c319856c959100

Request headers

Referer
https://hillcrest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 08 Aug 2022 20:51:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
private,no-cache, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 08 Aug 2022 20:51:48 GMT
location
https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 08 Aug 2022 20:51:48 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-served-by
cache-chi-klot8100145-CHI
x-timer
S1659991908.237900,VS0,VE0
sBvfarzciUOQPf0IJpS_gQ
medchatapp.com/api/widgets/ Frame 3217 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/sBvfarzciUOQPf0IJpS_gQ?url=https%3A%2F%2Fhillcrest.com%2F
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
fb4c80cb1e71908e7e63ea7d579969cc8f2e7db7b50c0a423bd68a3da51a6d31

Request headers

Pragma
no-cache
x-session-correlation-id
9w8re4
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Accept
application/vnd.medchat+json;v=2.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Request-Id
|510748669a8d472e8454c5ceaafeaaf1.4c2296512c5042b1
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
server
Microsoft-HTTPAPI/2.0
content-type
application/vnd.medchat+json; v=2.0; charset=utf-8
content-length
2791
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
widgetStatus
medchatapp.com/api/widgets/sBvfarzciUOQPf0IJpS_gQ/ Frame 3217 		47 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/sBvfarzciUOQPf0IJpS_gQ/widgetStatus
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0f61a16b6b5f251ff9586b662a3ce33b1b0e769f9d806fb142ce3acdf652b950

Request headers

Pragma
no-cache
x-session-correlation-id
9w8re4
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Accept
application/vnd.medchat+json;v=1.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Request-Id
|510748669a8d472e8454c5ceaafeaaf1.d3cc351c860645a2
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
server
Microsoft-HTTPAPI/2.0
content-type
application/vnd.medchat+json; v=1.0; charset=utf-8
content-length
47
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 3217 		2 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Mon, 08 Aug 2022 20:51:48 GMT
content-length
26
x-served-by
cache-chi-klot8100145-CHI
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1659991908.270873,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
15
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 3217 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daa2af66c5f6dde17d1344248d40ac8b9ea665b9deda5ace07cf602f10b81875

Request headers

Referer
https://medchatapp.com/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
vary
Authorization, Accept-Encoding
age
0
x-cache
HIT
content-length
873
x-served-by
cache-chi-klot8100082-CHI, cache-chi-klot8100145-CHI
access-control-allow-origin
*
x-timer
S1659991908.272582,VS0,VE1
etag
"720dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LyJ9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 08 Aug 2022 20:51:48 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
5
x-served-by
cache-chi-klot8100145-CHI
x-timer
S1659991908.244975,VS0,VE0
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Mon, 08 Aug 2022 20:51:47 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ Frame 3217 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
796bedcb9bce415277dc8897445dff2b2c7c0cb4675dfc49c70ea6019bc70942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://medchatapp.com/
accept-language
en-US,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
69E61696-3E17-40CD-A014-4D5B7DF89764
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 08 Aug 2022 20:51:47 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 505E 		487 B
987 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=j2mel20&ref=https%3A%2F%2Fhillcrest.com%2F&upid=i0tzskz&upv=1.1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.160.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-160-114.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.adsrvr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date
Mon, 08 Aug 2022 00:01:17 GMT
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:32 GMT
Server
AmazonS3
Age
75032
ETag
"f0a7a3296da7382ce6bc1a3b6769e927"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
487
X-Amz-Cf-Id
IRjJwIXA4prwMdk7jZb78mqT0qm6E0xEn0swZibotrMve7pcJf59yg==
generic
match.adsrvr.org/track/cmf/ Frame 96F7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
70 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 08 Aug 2022 20:51:49 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
DCS
dcs-prod-va6-2-v038-04e0ee0c1.edge-va6.demdex.com 8 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
SkIBPL4WRj4=
appnexus
match.adsrvr.org/track/cmf/ Frame 57E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3D3713030e-b64b-415a-a7ef-d939a9e52155
  • https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2096942523085981458&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
70 B
574 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2096942523085981458&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 08 Aug 2022 20:51:49 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

AN-X-Request-Uuid
f3e181b0-7292-4d10-8aa2-9dbd28d66ce4
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 08 Aug 2022 20:51:48 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=2096942523085981458&ttd_tdid=3713030e-b64b-415a-a7ef-d939a9e52155
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
104.237.193.28; 104.237.193.28; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 41EB
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=3713030e-b64b-415a-a7ef-d939a9e52155&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 08 Aug 2022 20:51:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
content-length
0
avatar
medchatapp.com/api/orgs/5083e032-1f12-6adf-7964-39fa714a4c21/widgets/e2d45857-06e2-5e77-cf09-39fdbcbb3cff/ Frame 3217 		829 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medchatapp.com/api/orgs/5083e032-1f12-6adf-7964-39fa714a4c21/widgets/e2d45857-06e2-5e77-cf09-39fdbcbb3cff/avatar
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2da5e984389f50c24dc72e362daaaac05e9d34d0d926cc31e69a61e85cf678f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
cache-control
private,max-age=604800
server
Microsoft-HTTPAPI/2.0
content-type
image/png; v=1.0
content-length
829
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 49F5 		2 B
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
access-control-max-age
300
date
Mon, 08 Aug 2022 20:51:48 GMT
content-length
26
x-served-by
cache-chi-klot8100145-CHI
access-control-allow-origin
*
ld-region
us-east-1
x-timer
S1659991909.728368,VS0,VE0
etag
"d751713988987e9331980363e24189ce"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
16
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 49F5 		6 KB
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
daa2af66c5f6dde17d1344248d40ac8b9ea665b9deda5ace07cf602f10b81875

Request headers

Referer
https://medchatapp.com/
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
vary
Authorization, Accept-Encoding
age
0
x-cache
HIT
content-length
873
x-served-by
cache-chi-kigq8000177-CHI, cache-chi-klot8100145-CHI
access-control-allow-origin
*
x-timer
S1659991909.728488,VS0,VE2
etag
"720dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
via
1.1 varnish
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
590ca63f5fc26e09cd4f103d
app.launchdarkly.com/sdk/goals/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/goals/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 08 Aug 2022 20:51:48 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
7
x-served-by
cache-chi-klot8100145-CHI
x-timer
S1659991909.647762,VS0,VE0
eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/590ca63f5fc26e09cd4f103d/users/eyJhbm9ueW1vdXMiOnRydWUsImtleSI6ImFub255bW91cyIsImN1c3RvbSI6eyJhcGlLZXkiOiJzQnZmYXJ6Y2lVT1FQZjBJSnBTX2dRIiwiYmFzZUhyZWYiOiIvd2lkZ2V0LWxhdW5jaGVyLyJ9fQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 08 Aug 2022 20:51:48 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-served-by
cache-chi-klot8100145-CHI
x-timer
S1659991909.647831,VS0,VE0
topicStatuses
medchatapp.com/api/widgets/sBvfarzciUOQPf0IJpS_gQ/ Frame 3217 		517 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/api/widgets/sBvfarzciUOQPf0IJpS_gQ/topicStatuses
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
551ddf1f1223ba335ce15505a45fdd905d532b30579675ceb247eebcd71fcaf3

Request headers

Request-Id
|510748669a8d472e8454c5ceaafeaaf1.6fd95fefdfd94e32
Pragma
no-cache
x-session-correlation-id
9w8re4
x-widget-id
e2d45857-06e2-5e77-cf09-39fdbcbb3cff
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Accept
application/vnd.medchat+json;v=1.0
Cache-Control
no-cache
Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
If-Modified-Since
Sat, 01 Jan 2000 00:00:00 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
server
Microsoft-HTTPAPI/2.0
content-type
application/vnd.medchat+json; v=1.0; charset=utf-8
content-length
517
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
122.11d06a766e1d62cb.js
medchatapp.com/widget/ Frame 3217 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/122.11d06a766e1d62cb.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9ea8bd96f3b985bff3a13198c750e4f094863efe3fef420e742dc992b4cc6c0e

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
308943
541.d8d453e0cec942b9.js
medchatapp.com/widget/ Frame 3217 		262 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/541.d8d453e0cec942b9.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
03d3155910c05b5dad73d85b1f180590c8230a05f39c0ef1ccbf8afbfaecc7b9

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
69261
2.3e663590037281f1.js
medchatapp.com/widget/ Frame 3217 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/2.3e663590037281f1.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
55099e277523ff6e69edcbda23ba829762d68c0ef96cc8d65965ac92cc92292b

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
7980
986.a17a07138b449ec9.js
medchatapp.com/widget/ Frame 3217 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/986.a17a07138b449ec9.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
851
IBMPlexSans-Regular.woff
shared-assets.medchatapp.com/fonts/ Frame 3217 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://shared-assets.medchatapp.com/fonts/IBMPlexSans-Regular.woff
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/styles.ff7718e9ec0e3510.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.84.36.2 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e

Request headers

Referer
https://medchatapp.com/
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
etag
"4a6d842ce0c8d61:0"
last-modified
Wed, 02 Dec 2020 19:20:19 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
78672
avatar
medchatapp.com/api/orgs/5083e032-1f12-6adf-7964-39fa714a4c21/widgets/e2d45857-06e2-5e77-cf09-39fdbcbb3cff/ Frame 49F5 		829 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medchatapp.com/api/orgs/5083e032-1f12-6adf-7964-39fa714a4c21/widgets/e2d45857-06e2-5e77-cf09-39fdbcbb3cff/avatar
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/main.709a27cf04f5db33.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2da5e984389f50c24dc72e362daaaac05e9d34d0d926cc31e69a61e85cf678f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://medchatapp.com/widget-launcher/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
cache-control
private,max-age=604800
server
Microsoft-HTTPAPI/2.0
content-type
image/png; v=1.0
content-length
829
request-context
appId=cid-v1:be4588a2-b71d-47dd-8148-6312efa0bc11
svg-symbols.svg
medchatapp.com/widget-launcher/assets/ Frame 49F5 		254 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget-launcher/assets/svg-symbols.svg
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
056db99051aa61fab5b10e0b3d398512c697483617093848502456f3bbfd1f06

Request headers

accept-language
en-US,en;q=0.9
Accept
application/json, text/plain, */*
Referer
https://medchatapp.com/widget-launcher/
Request-Id
|ddfdf8409ccb41a79d430348d0ef9d02.323e83a5625449d8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:48 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
88860
465.64cb75b65dc0a46f.js
medchatapp.com/widget/ Frame 3217 		103 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medchatapp.com/widget/465.64cb75b65dc0a46f.js
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/runtime.e7abd1f9221a76f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.89.105.76 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
609987d47552262ea4421055eb6b17996bfd1d3674e82d9aff1ba33a4b4c2529

Request headers

Referer
https://medchatapp.com/widget/sBvfarzciUOQPf0IJpS_gQ?hasWrapper=true
Origin
https://medchatapp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 20:51:50 GMT
content-encoding
gzip
etag
"0c244f3fa8d81:0"
last-modified
Thu, 04 Aug 2022 20:16:20 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type
content-length
25459
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 3217 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget/polyfills.dc623d97118c097b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.106.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-106-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
X-LaunchDarkly-Event-Schema
3
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Aug 2022 20:51:50 GMT
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
strict-transport-security
max-age=31536000
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.106.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-106-123.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 08 Aug 2022 20:51:50 GMT
strict-transport-security
max-age=31536000
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 49F5 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Requested by
Host: medchatapp.com
URL: https://medchatapp.com/widget-launcher/polyfills.ee34b270bafba9ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.106.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-106-123.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://medchatapp.com/
X-LaunchDarkly-Event-Schema
3
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.10.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 08 Aug 2022 20:51:50 GMT
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
strict-transport-security
max-age=31536000
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
590ca63f5fc26e09cd4f103d
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/590ca63f5fc26e09cd4f103d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.106.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-106-123.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://medchatapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 08 Aug 2022 20:51:50 GMT
strict-transport-security
max-age=31536000

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| Drupal undefined| $ function| jQuery object| jQuery19107827844329020222 object| _elqQ object| html5 object| Modernizr function| yepnope object| effectsIn object| effectsOut string| GoogleAnalyticsObject function| ga function| Loadcomplete function| ttd_dom_ready function| TTDUniversalPixelApi number| $current_year object| __core-js_shared__ object| core function| currentExecutingScript object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady object| medchatapp object| MedChatApp object| MedChat object| _elq function| gtag function| uuid4 string| crmSessionId

19 Cookies

Domain/Path Name / Value
.hillcrest.com/ Name: _gid
Value: GA1.2.1803827019.1659991905
.hillcrest.com/ Name: _gat
Value: 1
.hillcrest.com/ Name: _gcl_au
Value: 1.1.280395309.1659991905
.hillcrest.com/ Name: _gat_UA-12650531-1
Value: 1
.hillcrest.com/ Name: _gat_gtag_UA_12650531_1
Value: 1
hillcrest.com/ Name: hg_ga_cid
Value: 1160554575.1659991905
.hillcrest.com/ Name: _ga_KQGCT5KWBG
Value: GS1.1.1659991905.1.0.1659991905.60
.hillcrest.com/ Name: _ga
Value: GA1.1.1160554575.1659991905
.eloqua.com/ Name: ELOQUA
Value: GUID=ACC3A2FA8D6342F69D68F8970B9AD87A
.eloqua.com/ Name: ELQSTATUS
Value: OK
medchatapp.com/ Name: ai_user
Value: q1lMM|2022-08-08T20:51:47.750Z
.adsrvr.org/ Name: TDID
Value: 3713030e-b64b-415a-a7ef-d939a9e52155
.adnxs.com/ Name: uuid2
Value: 2096942523085981458
.rubiconproject.com/ Name: khaos
Value: L6L8BM9U-V-279
.rubiconproject.com/ Name: audit
Value: 1|yF5CblYyzC32rpR/UYlYZLE6NjnGuZpzOj/HW4aN0hWpvJsTmDCLGHLEkAqvNp0KuZj1UAKei2Bw0S94mtzOH0pB9H8pjytykCdHvyxZSdajY2jSrY2vnIpMel25k994F0XIlID0o/WGKfo8AvEbzT0fx6qPiy1ii8N7BAmaQgdJt49mPrPRUFyo1mMSXCQ85kHVXO4iITS/uI9Aj+Yjkr7KKI+4mJy3oGirqm5gUhh8KMm0j6uXBGY3KwFBcKEE94+z9/eToJrLtHkR71fkUv/JTzblBZm7jOq1oSpaE+yma+WVcS1g3g==
medchatapp.com/ Name: ai_session
Value: Lksf8|1659991908059|1659991908760.2
.demdex.net/ Name: demdex
Value: 65173303950987292192706117843575422005
.dpm.demdex.net/ Name: dpm
Value: 65173303950987292192706117843575422005
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI9rTwhLvi_DoQBRIXCghhcHBuZXh1cxILCPa08IS74vw6EAUSFgoHcnViaWNvbhILCPa08IS74vw6EAUYBSACKAMyCwj2rPOx0eL8OhAFOAFCBCICCAFaB2oybWVsMjBgAQ..

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
app.launchdarkly.com
ardenthealthsolutions.com
dc.services.visualstudio.com
dpm.demdex.net
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
hillcrest.com
ib.adnxs.com
img.en25.com
img04.en25.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
medchatapp.com
pixel.rubiconproject.com
s2153014.t.eloqua.com
script-app.mercuryhealthcare.com
scripts.cip.healthgrades.com
setonharkerheights.net
shared-assets.medchatapp.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
13.84.36.2
13.89.105.76
142.0.165.180
15.197.193.217
151.101.66.217
209.182.203.61
23.78.205.184
2607:f8b0:4004:c09::9d
2607:f8b0:4006:808::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:823::200e
3.208.136.8
40.78.229.32
52.1.106.123
54.230.160.114
54.230.202.109
54.230.202.5
68.67.179.87
8.43.72.97
011691db443193612891ec3b4413290f49beefe563088a0c45cb47c0e243ba9d
03d3155910c05b5dad73d85b1f180590c8230a05f39c0ef1ccbf8afbfaecc7b9
056db99051aa61fab5b10e0b3d398512c697483617093848502456f3bbfd1f06
0da58e952cad1450062c41107b72f0b356699856fb0dadc193515588c0219482
0e37de7b5a6fd041fc24f539c7339f3750d9762f59ecc454843b91d30f5ddc75
0f61a16b6b5f251ff9586b662a3ce33b1b0e769f9d806fb142ce3acdf652b950
1674eaeb68a0b27a8b2edcef290701a27b2762906d131fbbcba39365df506f42
19d21d347a86ab45d1a8e1431225907f23e285dbf6352269ff9ded53583a4729
1bf700f048fa89a697e1f6d6bbfeed5990dd3d67a6a0ae1128f7738a13871d98
1d46e8c9310569702a97db3e54cbd006a1380a69ee2d89ba78e3cd19ca1ad8ce
2481e2c0390cc6fbf6e53485ca2766e80d8d7dfb4663d22f3c4082d7986bc723
25e84ef37c787d751b3480ab96af203944a1e9ea65821c02cb8a660cae473654
271366c28abc195b450435a79811df5f5364efca1ee1eae3547935c0289de292
2b6635b27f47486e49f54cbc72dcb3f50e70ebe9c08b67e351c6228d3122293e
2bbace284fdc7e472b84c22e467c574bf2bffae5493cb6c475c319856c959100
2da5e984389f50c24dc72e362daaaac05e9d34d0d926cc31e69a61e85cf678f7
3073e9776b91119f3c869a86dd3d0962ce861bc13733abf5718b0078f8d46906
31176f902daee281aca79c15c411b5a4657936b08f5b79acb07c489fa1bdb461
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
369068e6933b72fa285cdcdcc6095738fa9b8fbaef6011fa6b612ee46198271b
37c03ed2982f93c2694f26d86c72667c903b5a5ddf0111466d5623452eb31a34
464a3dba07d832063f29fdf5e8bb52e816dbdda611ab0c273be4f12c5a9c4049
49b818edcc6cd75dfd49b6f0c9ef326c02a9ed609481e28882a0f91aaeb088c8
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55099e277523ff6e69edcbda23ba829762d68c0ef96cc8d65965ac92cc92292b
551ddf1f1223ba335ce15505a45fdd905d532b30579675ceb247eebcd71fcaf3
57e08994ff1915e40d803cc57802077ff29cd1a8285d0ae6af18cfe222c6665e
5b377794a258b339d59855eee5b49672e408a85a04ec232694a4d05ccf9e962e
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5d5b0c05c3fa5c1e1a6700962d6327cd292fa4820f3a70ab725bbbd623f36e6a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
609987d47552262ea4421055eb6b17996bfd1d3674e82d9aff1ba33a4b4c2529
609a290ff2005f53e42d9fab2b024024c6b5c1868228e86489cd21d209b4e5cf
66983012d497cf81d228509c0e787b0d4692d2b11050db271216a6fb18c278d1
6c5cd43e678b964a5ef86115597f34343f0ab43cf37fd701ca5df248b8fc9da9
72d8cb931ef51a83fa32d67ab5a1396a391ad3e3e191f5c1c2d7ee10e366b2af
796bedcb9bce415277dc8897445dff2b2c7c0cb4675dfc49c70ea6019bc70942
7a2625338a4e787e6df75cdd3578e9132ca23a30531cb0ac0ba5c7a4c2d51e7c
7dbd91f290f31441753ac34e08df314814461831194a0e16ddfa4dd85a311c66
8340f542ddddfe7dff939896f54ffb290d2411d08f66ae359852f815806caa24
84e17d9c9b6d40a361f1189b646b869ba584bdeb7845e4bbb64231b3cdc825c4
8a863583b612cda1ebb55125bce25af086cc11fcc9122c19113bea44db7bc9ee
8d35554021d48cf78b78c1199df5bbd52852a2b26df8b5ca250bc32ea189039e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9506997e3569c0ffe818da9db56092a494f510ca9774c894f387a42cbc509dce
9ea8bd96f3b985bff3a13198c750e4f094863efe3fef420e742dc992b4cc6c0e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aca9fa746bc7810910adbcca9ed227f34054657c6a029e27d07a687f6f38a4d7
aec1a23393357df7ba12137e46784ce5fde90f227c6403c524d2a97e3b5ea4b9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1b3b2f9c1dae2131b581eaf12536e5f63fae723e553ba1abda9e6b414b4945a
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
be572c8a4c5ccad2966cec3b5aff0ca1fccbb296cef7fc40a681ba1deb081cca
c2e8a0e2e4bebca55caaba10a9b569e2027f0959b718184be723ff7ff2e5b7fd
c3934e2400f428461ab860eb555f475de41aa4302da2dd5c83285081440cae9c
ca8673f06867f1948fa993311ae80a38106e5d0d158bc32b5e1dfe5cbb8118d3
d32a841cf693b7d95e0aa4879c207762cff8ce13e909d01e3ac315e882ac0e91
d5eb67e1d759953e7528a0a91d94a9e14042febf962c37a866d5bcd6ce903328
daa2af66c5f6dde17d1344248d40ac8b9ea665b9deda5ace07cf602f10b81875
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e050c352917ca5a9cbfaf958009a6b153558d660c488529fa4129cf6f5d39acd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d937038111427376f7750d905630b678c7be9df0824f03d90d1b2d44ae780f
eb007bfd11f784d4ffbe26703a5bd7810edbbdc88af8c8abf4254702410d57ae
eb2a139ce63747845b5fa4a4ff9fe9fa2b6783f8ebf5c1325bc617e6c99837ab
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1c8c8f56cdb70437db985faa2c7ff83c1bd1205f5dabebeff0253ecddcc7bb
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f32946f78fc6459baf98f12961406dfa55669db5da975d39471ac1e9669676da
f425561d34fb6f5383c3d78a1375ac58f50ad4d992666a496192c867fa5582c8
f64f1268bdcebdb26e4b0c9ad0fe26b8b33a9b5688916edd11c6a9536f40e4a4
f66630bcc55166ec2133944da9e3c0f48be548c874d120cf2199451449c48cd2
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f92e550c3cdb1aa7ed4ccb6e51beaaacb047bb66e96aa75c1d7059d96193ccd0
fa3879489c2daf6b5483fd0bd02f8bebe39349c4ba0048c337e21ca31daceba4
fa470820624bdbeaee72537f4214d1480bedadf3a19669fb8d9839eb6ffebcd4
fb4c80cb1e71908e7e63ea7d579969cc8f2e7db7b50c0a423bd68a3da51a6d31
fc054b3bf93a43efa68be8158ba803defb0f7c20f149f66f0dc19773b56dbf0a