Submitted URL: http://ottoyes.com/clickout/dfa39b57-3cd8-46d5-b576-dd55d046bf65
Effective URL: https://www.evermedtv.com/user/login
Submission: On January 28 via manual from RS

Summary

This website contacted 29 IPs in 7 countries across 23 domains to perform 60 HTTP transactions. The main IP is 52.29.95.205, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.evermedtv.com.
TLS certificate: Issued by Amazon on July 29th 2020. Valid for: a year.
This is the only time www.evermedtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.79.174.133 63949 (LINODE-AP...)
9 52.29.95.205 16509 (AMAZON-02)
1 2a04:4e42:3::621 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.225.80.24 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.21.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.129 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 35.186.235.23 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 6 2a02:6b8::1:119 13238 (YANDEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.194.11 16509 (AMAZON-02)
1 2a05:f500:10:... 14413 (LINKEDIN)
1 35.190.25.25 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 18.203.1.140 16509 (AMAZON-02)
1 13.224.194.69 16509 (AMAZON-02)
2 143.204.93.95 16509 (AMAZON-02)
60 29
Domain Requested by
9 www.evermedtv.com www.evermedtv.com
6 mc.yandex.ru 1 redirects www.evermedtv.com
6 fonts.gstatic.com fonts.googleapis.com
5 www.googletagmanager.com www.evermedtv.com
www.googletagmanager.com
3 www.google.de www.evermedtv.com
3 www.google.com www.evermedtv.com
2 api.getdrip.com tag.getdrip.com
2 www.facebook.com www.evermedtv.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 connect.facebook.net www.evermedtv.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
www.evermedtv.com
2 www.google-analytics.com www.evermedtv.com
2 fonts.googleapis.com www.evermedtv.com
1 tag.getdrip.com www.evermedtv.com
1 in.hotjar.com www.evermedtv.com
1 api-js.mixpanel.com www.evermedtv.com
1 px.ads.linkedin.com www.evermedtv.com
1 vars.hotjar.com static.hotjar.com
1 cdn4.mxpnl.com www.evermedtv.com
1 snap.licdn.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.evermedtv.com
1 static.hotjar.com www.evermedtv.com
1 code.jquery.com www.evermedtv.com
1 ajax.googleapis.com www.evermedtv.com
1 stackpath.bootstrapcdn.com www.evermedtv.com
1 cdn.polyfill.io www.evermedtv.com
1 ottoyes.com 1 redirects
60 29

This site contains links to these domains. Also see Links.

Domain
start.evermedtv.com
Subject Issuer Validity Valid
evermedtv.com
Amazon
2020-07-29 -
2021-08-30
a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-10-26 -
2021-04-17
6 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA
2020-10-06 -
2021-10-16
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
www.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
www.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
www.bing.com
Microsoft RSA TLS CA 02
2021-01-19 -
2021-07-19
6 months crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018
2019-07-29 -
2021-07-28
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-12-22 -
2021-03-21
3 months crt.sh
mc.yandex.ru
Yandex CA
2020-09-29 -
2021-03-11
5 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2021-01-06 -
2021-07-05
6 months crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018
2020-04-20 -
2022-04-21
2 years crt.sh
*.google.com
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.google.de
GTS CA 1O1
2021-01-05 -
2021-03-30
3 months crt.sh
*.getdrip.com
Amazon
2020-03-27 -
2021-04-27
a year crt.sh

This page contains 3 frames:

Primary Page: https://www.evermedtv.com/user/login
Frame ID: 4D57420A702E6E10A3469ABD528CC1FC
Requests: 58 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-KGSVDMT
Frame ID: 2EC3E1A9ABE941D6BD8134AD9F98E137
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 5051058F88178683ED2E61FEBE915249
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ottoyes.com/clickout/dfa39b57-3cd8-46d5-b576-dd55d046bf65 HTTP 302
    https://www.evermedtv.com/user/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

60
Requests

100 %
HTTPS

63 %
IPv6

23
Domains

29
Subdomains

29
IPs

7
Countries

1730 kB
Transfer

6772 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ottoyes.com/clickout/dfa39b57-3cd8-46d5-b576-dd55d046bf65 HTTP 302
    https://www.evermedtv.com/user/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://mc.yandex.ru/watch/62807125?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A380%3Acn%3A1%3Adp%3A0%3Als%3A451272212435%3Ahid%3A74276213%3Az%3A60%3Ai%3A20210128171628%3Aet%3A1611850588%3Ac%3A1%3Arn%3A1019313362%3Arqn%3A1%3Au%3A1611850588491513804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1611850585961%3Awv%3A2%3Ads%3A94%2C100%2C24%2C1%2C805%2C0%2C%2C738%2C103%2C%2C%2C%2C1768%3Adsn%3A93%2C101%2C24%2C1%2C805%2C0%2C%2C740%2C102%2C%2C%2C%2C1768%3Arqnl%3A1%3Ati%3A2%3Ast%3A1611850588%3At%3ASign%20In%20-%20EvermedTV HTTP 302
  • https://mc.yandex.ru/watch/62807125/1?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A380%3Acn%3A1%3Adp%3A0%3Als%3A451272212435%3Ahid%3A74276213%3Az%3A60%3Ai%3A20210128171628%3Aet%3A1611850588%3Ac%3A1%3Arn%3A1019313362%3Arqn%3A1%3Au%3A1611850588491513804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1611850585961%3Awv%3A2%3Ads%3A94%2C100%2C24%2C1%2C805%2C0%2C%2C738%2C103%2C%2C%2C%2C1768%3Adsn%3A93%2C101%2C24%2C1%2C805%2C0%2C%2C740%2C102%2C%2C%2C%2C1768%3Arqnl%3A1%3Ati%3A2%3Ast%3A1611850588%3At%3ASign%20In%20-%20EvermedTV

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
www.evermedtv.com/user/
Redirect Chain
  • http://ottoyes.com/clickout/dfa39b57-3cd8-46d5-b576-dd55d046bf65
  • https://www.evermedtv.com/user/login
3 KB
2 KB
Document
General
Full URL
https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1e155b6557bddbcbb029fa92f72ec2f22a8dbf9ccff9e4abe8ff21519e453ba0

Request headers

:method
GET
:authority
www.evermedtv.com
:scheme
https
:path
/user/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:26 GMT
content-type
text/html
content-length
1495
server
Apache/2.4.18 (Ubuntu)
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
etag
"d84-5b96baf77ef10-gzip"
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, private
Date
Thu, 28 Jan 2021 16:16:26 GMT
Location
https://www.evermedtv.com/user/login
Set-Cookie
XSRF-TOKEN=eyJpdiI6InRDWDJ4NE92Nk16dktVVmZ4bnVKMkE9PSIsInZhbHVlIjoiWm44L1RNeklzcUJBNjZkT2I5YXpSVXBrZmgzTGpNWWhXcXNscU9sbWQ3dVFtNjNzdCtPVmNnMlpPNm9RY2N3RSIsIm1hYyI6IjZhZjhkZmNlZmQ3N2Y3ZGE4NGMzYzU4NTE5NDM0ODE5ZjEwMGUxM2EyYTVjMmNmMDk2ZmYyN2M0YTI0ZWNiOGUifQ%3D%3D; expires=Thu, 28-Jan-2021 18:16:26 GMT; Max-Age=7200; path=/; secure laravel_session=eyJpdiI6Ik5qWTl5TTBqbmc3US8zL1J6dVYvcmc9PSIsInZhbHVlIjoiMVhZbExqZHVVbVBuNGw1c3Z3K3Z1dTlrTkYwTWo2N3F6S0E4Wjh1K0dXaUw1eUVmMHhYTzY0UVNFN0prejVieSIsIm1hYyI6ImQxYjRkZGYwZjcxY2EwZDk0YjhiOTFiYTI5Yzk5ZDQxODEwYzk5OWI5ODMzYTI3NzBhZDYzMGVmMDdhMzY2MDMifQ%3D%3D; path=/; secure; httponly
polyfill.min.js
cdn.polyfill.io/v2/
222 B
596 B
Script
General
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Intl.~locale.en
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
1119656
detected-user-agent
Chrome Mobile/83.0.4103
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
last-modified
Fri, 15 Jan 2021 17:15:18 GMT
date
Thu, 28 Jan 2021 16:16:27 GMT
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/83.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
icon
fonts.googleapis.com/
574 B
839 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 16:16:27 GMT
server
ESF
date
Thu, 28 Jan 2021 16:16:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Jan 2021 16:16:27 GMT
css
fonts.googleapis.com/
13 KB
975 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5da690e1fb7e6ccc2a28bb49a391835a4dd16329d9ae49ca69dd591d8cbcaab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 16:16:27 GMT
server
ESF
date
Thu, 28 Jan 2021 16:16:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 28 Jan 2021 16:16:27 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 13:56:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8395
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jan 2022 13:56:32 GMT
jquery-ui.js
code.jquery.com/ui/1.12.1/
509 KB
122 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Wed, 14 Sep 2016 16:34:16 GMT
server
nginx
etag
W/"57d97c08-7f20a"
vary
Accept-Encoding
x-hw
1611850587.dop245.fr8.t,1611850587.cds234.fr8.hn,1611850587.cds269.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
124434
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123440629-1
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8bab6553486712cd1b78aa3d681cc6662b7dc3c87539a64b9e59376ed94c8de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38758
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jan 2021 16:16:27 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-665378275
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1461c06a3126f18c405f2296975d1b3090b526510f68e3c9f9d1722cb767dc9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38800
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jan 2021 16:16:27 GMT
styles.b1bee3c37cdda3a4df73.bundle.css
www.evermedtv.com/
264 KB
47 KB
Stylesheet
General
Full URL
https://www.evermedtv.com/styles.b1bee3c37cdda3a4df73.bundle.css
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
5a03c3b15bdc063061fcdc68f9eddc77ecd5d17ffae9a5f7f867434956644101

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"41ff7-5b96baf77df70-gzip"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47973
expires
Sat, 27 Feb 2021 16:16:27 GMT
owl.carousel.js
www.evermedtv.com/assets/
88 KB
20 KB
Script
General
Full URL
https://www.evermedtv.com/assets/owl.carousel.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"15f88-5b96baf781df0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20037
expires
Sat, 27 Feb 2021 16:16:27 GMT
jquery.slimscroll.min.js
www.evermedtv.com/assets/
5 KB
2 KB
Script
General
Full URL
https://www.evermedtv.com/assets/jquery.slimscroll.min.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"1274-5b96baf781df0-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1889
expires
Sat, 27 Feb 2021 16:16:27 GMT
inline.135d97b9e7f1f23d7db1.bundle.js
www.evermedtv.com/
1 KB
1 KB
Script
General
Full URL
https://www.evermedtv.com/inline.135d97b9e7f1f23d7db1.bundle.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
0e63391c8dacd41b2e4837a597a609ee85e657301d72b78a4aaa06394060fd2d

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"5be-5b96baf77df70-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
825
expires
Sat, 27 Feb 2021 16:16:27 GMT
polyfills.c095c3d954fa5eefbdb7.bundle.js
www.evermedtv.com/
144 KB
49 KB
Script
General
Full URL
https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
ae45a8e64e222ff020ebf63b232871b277b13d9ff89ee3826df65046e243b4cf

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"2417c-5b96baf77df70-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49427
expires
Sat, 27 Feb 2021 16:16:27 GMT
scripts.39a7340ab72686ac9faf.bundle.js
www.evermedtv.com/
847 KB
240 KB
Script
General
Full URL
https://www.evermedtv.com/scripts.39a7340ab72686ac9faf.bundle.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
c2d06ffc1438ef992bc5215183c24ea0f0df7433c1431268cc8c79cb56f86dcb

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"d3a12-5b96baf77df70-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sat, 27 Feb 2021 16:16:27 GMT
main.8360895ddea71db1c923.bundle.js
www.evermedtv.com/
3 MB
627 KB
Script
General
Full URL
https://www.evermedtv.com/main.8360895ddea71db1c923.bundle.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
1cb02b9389a7557d7894c115268fbbc79f67f32fa762208f92ca1fda18ab61ff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"31fdb6-5b96baf77df70-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
expires
Sat, 27 Feb 2021 16:16:27 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3743
date
Thu, 28 Jan 2021 15:14:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 28 Jan 2021 17:14:04 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 09:04:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:14 GMT
server
sffe
age
112323
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13708
x-xss-protection
0
expires
Thu, 27 Jan 2022 09:04:24 GMT
en.json
www.evermedtv.com/assets/i18n/
11 KB
11 KB
XHR
General
Full URL
https://www.evermedtv.com/assets/i18n/en.json
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.95.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-95-205.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e72f42dd104af999cb18da73ff14ca58a6f217d2fb763ad376a088f7c1940d76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
last-modified
Thu, 21 Jan 2021 16:37:20 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"2acd-5b96baf77ef10"
content-type
application/json
cache-control
max-age=604800
accept-ranges
bytes
content-length
10957
expires
Thu, 04 Feb 2021 16:16:27 GMT
hotjar-1623578.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1623578.js?sv=6
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/main.8360895ddea71db1c923.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-24.fra2.r.cloudfront.net
Software
/
Resource Hash
4a4f3551eb3eb9fd04ffad9130ac37aee284bf13955f59511db650be6c79aa71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/49de972adcf3c2cf16cc34372ff89a85
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1969
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-id
sZ8jOqfbN-ZTnZbzGHaBMIrcFQteRV8rvq41EYfbU95ibwcAfaflpw==
collect
www.google-analytics.com/j/
4 B
72 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1125479946&t=pageview&_s=1&dl=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&dp=%2Fuser%2Flogin&ul=en-us&de=UTF-8&dt=Sign%20In%20-%20EvermedTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=322804456&gjid=1791234746&cid=817015974.1611850587&tid=UA-123440629-1&_gid=1994635662.1611850587&_r=1&_slc=1&z=1603786717
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.evermedtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
149 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGSVDMT
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/main.8360895ddea71db1c923.bundle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b00efafd7e01a0a3c55646c7e45cccb58c3f52ccaf5b10a73bf5f0ffd782ffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52040
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jan 2021 16:16:27 GMT
ns.html
www.googletagmanager.com/ Frame 2EC3
0
0
Document
General
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-KGSVDMT
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/main.8360895ddea71db1c923.bundle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.googletagmanager.com
:scheme
https
:path
/ns.html?id=GTM-KGSVDMT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.evermedtv.com/user/login
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.evermedtv.com/user/login

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
*
date
Thu, 28 Jan 2021 16:16:27 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
server
Google Tag Manager
content-length
209
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 19:53:42 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:51 GMT
server
sffe
age
505365
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13464
x-xss-protection
0
expires
Sat, 22 Jan 2022 19:53:42 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 08:43:19 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:15 GMT
server
sffe
age
113588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13612
x-xss-protection
0
expires
Thu, 27 Jan 2022 08:43:19 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 18:44:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:43 GMT
server
sffe
age
77492
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13560
x-xss-protection
0
expires
Thu, 27 Jan 2022 18:44:55 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 09:04:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:07 GMT
server
sffe
age
112323
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13640
x-xss-protection
0
expires
Thu, 27 Jan 2022 09:04:24 GMT
JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.evermedtv.com
Referer
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,500,600,700,800|Open+Sans:600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 16:18:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:06 GMT
server
sffe
age
86271
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13516
x-xss-protection
0
expires
Thu, 27 Jan 2022 16:18:36 GMT
collect
stats.g.doubleclick.net/j/
4 B
92 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-123440629-1&cid=817015974.1611850587&jid=322804456&gjid=1791234746&_gid=1994635662.1611850587&_u=aEBAAEAAAAAAAC~&z=1704097592
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 28 Jan 2021 16:16:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.evermedtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-665378275&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123440629-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7366a51c8d0282b32d47ca28160ee08a3e173410c19eef929117d250e87df89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38786
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 28 Jan 2021 16:16:28 GMT
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-665378275
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.21.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12189
x-xss-protection
0
server
cafe
etag
8926089356025331971
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 28 Jan 2021 16:16:28 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-123440629-1&cid=817015974.1611850587&jid=322804456&_u=aEBAAEAAAAAAAC~&z=2008972273
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-123440629-1&cid=817015974.1611850587&jid=322804456&_u=aEBAAEAAAAAAAC~&z=2008972273
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.29c79ff213b8c3ec96ae.js
script.hotjar.com/
223 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.29c79ff213b8c3ec96ae.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1623578.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-129.fra2.r.cloudfront.net
Software
/
Resource Hash
51946f86a4167749efeafd199726a80905112d9babcea24acccf3877888228af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 11:50:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
15945
x-cache
Hit from cloudfront
content-length
59745
access-control-allow-origin
*
last-modified
Thu, 28 Jan 2021 11:47:24 GMT
etag
"f9999cc4d09712d8083b85bf3e054f02"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
cdEqlQJ3_B2hWJPmczxIXhM0R_6q1Zt9Aq-CYX_m4I0JrBoho44rgA==
insight.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGSVDMT
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 28 Jan 2021 16:16:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=56666
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
bat.js
bat.bing.com/
27 KB
8 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGSVDMT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:27 GMT
content-encoding
gzip
last-modified
Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref
Ref A: F271FA16D2324CC98052682BFBD791E3 Ref B: FRAEDGE1506 Ref C: 2021-01-28T16:16:28Z
etag
"0b27f152fa7d61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8454
mixpanel-2-latest.min.js
cdn4.mxpnl.com/libs/
81 KB
28 KB
Script
General
Full URL
https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.235.23 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
23.235.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4047031aa5b3f4bdc06aef178a89bc6331c10c408a4af6858dd1fac8c584a14

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:10:24 GMT
content-encoding
gzip
age
364
x-guploader-uploadid
ABg5-UwUpP53_aij_H_Hc2-7V4ZJhsXGOU2MvZxatCmiPY3JiSOa8wWPoBnrNaLJCYGWYipyb7QP7MADzb1VE3g7RyY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
27813
last-modified
Wed, 20 Jan 2021 00:40:25 GMT
server
UploadServer
etag
"efeb9e188180f11c776203ada5b8101d"
vary
Accept-Encoding
x-goog-hash
crc32c=l4o+yg==, md5=7+ueGIGA8Rx3YgOtpbgQHQ==
x-goog-generation
1611103225280731
access-control-allow-origin
*
cache-control
public,max-age=600
x-goog-stored-content-length
27813
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 28 Jan 2021 16:20:24 GMT
fbevents.js
connect.facebook.net/en_US/
91 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
Vi8cPO5jnQGFKXV/ySHhBskjC1cI0PKzZz/5/MMtdiDOIaB5XwbGi+OFzmsqhyOsCMw+//IvfFHG06/KL+lJlw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 28 Jan 2021 16:16:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/
204 KB
64 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
4e52560116d970cb1d789e6d3ccb3f79fafdc7933962122315dfd4c0ac84b2e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
br
last-modified
Tue, 26 Jan 2021 16:24:31 GMT
etag
"600fca13-ff1e"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
65310
expires
Thu, 28 Jan 2021 17:16:28 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/665378275/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665378275/?random=1611850588098&cv=9&fst=1611850588098&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4df5f922b474688b5ecaeb6cf4631ad8377768e5bccb645b59c56530cfa15aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1033
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
759927034542804
connect.facebook.net/signals/config/
240 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/759927034542804?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8250637b851048deb6042c7f5ab7412a55a204f80e8ffa64a471709d2f79ccb9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
YSxv90ivrvk5hCZtgcxLZlfi8CZ4iLxfKq0F00AwiBsXb8xF9X9YKgjoRiVCDsOHtrHIKU9DbTOnyGOu0HVUwQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 28 Jan 2021 16:16:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
746457022
expires
Sat, 01 Jan 2000 00:00:00 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 5051
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1623578.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-11.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.evermedtv.com/user/login
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.evermedtv.com/user/login

Response headers

content-type
text/html
content-length
851
date
Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
IUaq3450cwR-kd3kETmfNoeT4GMbNMfQdGp_Y8iSreBRw-oXeF_ydg==
age
5699725
collect
px.ads.linkedin.com/
0
372 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1826522&time=1611850588167&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
iyGq8JFxXhYQjPDNaysAAA==
0
bat.bing.com/action/
0
117 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56268084&Ver=2&mid=629ccad4-21eb-493e-984b-0c82eb056751&sid=2ce4fba0618411eb9495c96844a7c8ff&vid=2ce525d0618411eb8a6b878a9b46d856&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20-%20EvermedTV&kw=Evermedtv,Evermed,Medical,Videos,Conferences,Conference,Congress,Congresses&p=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&r=&lt=1871&evt=pageLoad&msclkid=N&sv=1&rn=361472
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 85D9BBBC6F9B4140B9A7B12FCB37D899 Ref B: FRAEDGE1506 Ref C: 2021-01-28T16:16:28Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.mixpanel.com/decide/
65 B
329 B
XHR
General
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=3d8792e05fec2f660d1d816367ce6ba3&ip=1&_=1611850588265
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.25.25 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.25.190.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.evermedtv.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
www.google.com/pagead/1p-user-list/665378275/
42 B
530 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/665378275/?random=1611850588098&cv=9&fst=1611849600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&async=1&fmt=3&is_vtc=1&random=2850473744&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/665378275/
42 B
530 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/665378275/?random=1611850588098&cv=9&fst=1611849600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&async=1&fmt=3&is_vtc=1&random=2850473744&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
260 B
Image
General
Full URL
https://www.facebook.com/tr/?id=759927034542804&ev=PageView&dl=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&rl=&if=false&ts=1611850588301&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611850588299.405202846&it=1611850588163&coo=false&rqm=GET
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 28 Jan 2021 16:16:28 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1623578/
152 B
305 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1623578/visit-data?sv=6
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.1.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-1-140.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/665378275/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/665378275/?random=1611850588309&cv=9&fst=1611850588309&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e82160607a217d079190023a60cdfb704ba1bcae370b4b8d39b909007fe4a164
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1036
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/665378275/
42 B
66 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/665378275/?random=1611850588309&cv=9&fst=1611849600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&async=1&fmt=3&is_vtc=1&random=4231299585&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/665378275/
42 B
66 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/665378275/?random=1611850588309&cv=9&fst=1611849600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&tiba=Sign%20In%20-%20EvermedTV&async=1&fmt=3&is_vtc=1&random=4231299585&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
111 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:28 GMT
last-modified
Tue, 26 Jan 2021 16:24:31 GMT
etag
"600fca13-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 28 Jan 2021 17:16:28 GMT
1
mc.yandex.ru/watch/62807125/
Redirect Chain
  • https://mc.yandex.ru/watch/62807125?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.ru/watch/62807125/1?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%...
186 B
268 B
XHR
General
Full URL
https://mc.yandex.ru/watch/62807125/1?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A380%3Acn%3A1%3Adp%3A0%3Als%3A451272212435%3Ahid%3A74276213%3Az%3A60%3Ai%3A20210128171628%3Aet%3A1611850588%3Ac%3A1%3Arn%3A1019313362%3Arqn%3A1%3Au%3A1611850588491513804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1611850585961%3Awv%3A2%3Ads%3A94%2C100%2C24%2C1%2C805%2C0%2C%2C738%2C103%2C%2C%2C%2C1768%3Adsn%3A93%2C101%2C24%2C1%2C805%2C0%2C%2C740%2C102%2C%2C%2C%2C1768%3Arqnl%3A1%3Ati%3A2%3Ast%3A1611850588%3At%3ASign%20In%20-%20EvermedTV
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
caf60679c939385073fbc60f20a57aebde426e6859cc347c63cafb6446d6307d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 28-Jan-2021 16:16:28 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.evermedtv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
186
x-xss-protection
1; mode=block
expires
Thu, 28-Jan-2021 16:16:28 GMT

Redirect headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:28 GMT
last-modified
Thu, 28-Jan-2021 16:16:28 GMT
location
/watch/62807125/1?wmode=7&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1jd82kqubyqh2bf%3Afp%3A1909%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A380%3Acn%3A1%3Adp%3A0%3Als%3A451272212435%3Ahid%3A74276213%3Az%3A60%3Ai%3A20210128171628%3Aet%3A1611850588%3Ac%3A1%3Arn%3A1019313362%3Arqn%3A1%3Au%3A1611850588491513804%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1611850585961%3Awv%3A2%3Ads%3A94%2C100%2C24%2C1%2C805%2C0%2C%2C738%2C103%2C%2C%2C%2C1768%3Adsn%3A93%2C101%2C24%2C1%2C805%2C0%2C%2C740%2C102%2C%2C%2C%2C1768%3Arqnl%3A1%3Ati%3A2%3Ast%3A1611850588%3At%3ASign%20In%20-%20EvermedTV
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.evermedtv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 28-Jan-2021 16:16:28 GMT
6865621.js
tag.getdrip.com/
86 KB
28 KB
Script
General
Full URL
https://tag.getdrip.com/6865621.js
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/user/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-69.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
402b4c5c7b4af432aff4cd45c45982025093867e514ce51091213f325c97573d

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:30 GMT
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 15:46:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"80ce66659c726da792767004f84202be"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
x-amz-cf-id
D-2KVJATZ-TdOCwjdLP-zd3--r4oV2vNuS5jUOBfeWTOEl76sicX9g==
/
www.facebook.com/tr/
44 B
147 B
Image
General
Full URL
https://www.facebook.com/tr/?id=759927034542804&ev=Microdata&dl=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&rl=&if=false&ts=1611850589864&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20-%20EvermedTV%22%2C%22meta%3Adescription%22%3A%22EVERMEDTV%20is%20a%20medical%20education%20resource%20and%20virtual%20meeting%20venue%20exclusively%20for%20healthcare%20professionals.%22%2C%22meta%3Akeywords%22%3A%22Evermedtv%2CEvermed%2CMedical%2CVideos%2CConferences%2CConference%2CCongress%2CCongresses%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611850588299.405202846&it=1611850588163&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 28 Jan 2021 16:16:29 GMT
visit
api.getdrip.com/client/events/
84 B
837 B
Script
General
Full URL
https://api.getdrip.com/client/events/visit?drip_account_id=6865621&referrer=&url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&domain=www.evermedtv.com&time_zone=Europe%2FBerlin&enable_third_party_cookies=f&callback=Drip_117724496
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/6865621.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-95.fra50.r.cloudfront.net
Software
/
Resource Hash
fd1043c65bd0197bbc198b60849a0a1bbcef7a687388ac80c0c53af2f8e6dacc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:30 GMT
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
84
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
8de9aa36-ad4c-4fc1-a304-e049c27068a1
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Z3h2vGUcoAMFe7w=
content-length
84
x-xss-protection
1; mode=block
x-request-id
764132b9-2c5e-4706-b0d3-7b9397706186
x-runtime
0.031725
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"fd1043c65bd0197bbc198b60849a0a1b"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Thu, 28 Jan 2021 16:16:30 GMT
x-amz-cf-id
969PZEoDzU6FO1uAhf1SWwDmNOzDDhEchCkltsnbLzYx1vQDjGsyqw==
track
api.getdrip.com/client/
101 B
855 B
Script
General
Full URL
https://api.getdrip.com/client/track?url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&visitor_uuid=e9d2c30b28174ac592923047a17efd6c&_action=Started%20a%20new%20session&source=drip&drip_account_id=6865621&callback=Drip_835132013
Requested by
Host: tag.getdrip.com
URL: https://tag.getdrip.com/6865621.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.93.95 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-93-95.fra50.r.cloudfront.net
Software
/
Resource Hash
57ab1657b3ef103b9824066a46cd74f1bfb8f05ca081f813cb8cf76dc5030144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 28 Jan 2021 16:16:30 GMT
via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amzn-remapped-content-length
101
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA50-C1
x-amzn-requestid
4a5d92fa-400d-4c4a-8467-4ba629aee63d
x-cache
Miss from cloudfront
x-amzn-remapped-server
nginx
x-amz-apigw-id
Z3h2yF1LoAMFe0w=
content-length
101
x-xss-protection
1; mode=block
x-request-id
4c033c24-8101-493e-9a85-bf03127e39d0
x-runtime
0.092586
referrer-policy
strict-origin-when-cross-origin
x-frame-options
SAMEORIGIN
etag
W/"57ab1657b3ef103b9824066a46cd74f1"
x-download-options
noopen
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
x-amzn-remapped-connection
keep-alive
cache-control
max-age=0, private, must-revalidate
x-amzn-remapped-date
Thu, 28 Jan 2021 16:16:30 GMT
x-amz-cf-id
whOzWrGe3RMLLnZN6snbIfiOJw1zkgM4OYrVbo8exVNGsdBClHlhcQ==
62807125
mc.yandex.ru/webvisor/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/62807125?wmode=0&wv-part=1&wv-hit=74276213&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&rn=233551870&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1611850591%3Aw%3A1600x1200%3Av%3A380%3Az%3A60%3Ai%3A20210128171630%3Au%3A1611850588491513804%3Avf%3A1jd82kqubyqh2bf%3Ati%3A2%3Ast%3A1611850591
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:30 GMT
last-modified
Thu, 28-Jan-2021 16:16:30 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.evermedtv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 28-Jan-2021 16:16:30 GMT
62807125
mc.yandex.ru/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.ru/webvisor/62807125?wmode=0&wv-part=1&wv-hit=74276213&page-url=https%3A%2F%2Fwww.evermedtv.com%2Fuser%2Flogin&rn=697474554&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1611850591%3Aw%3A1600x1200%3Av%3A380%3Az%3A60%3Ai%3A20210128171630%3Au%3A1611850588491513804%3Avf%3A1jd82kqubyqh2bf%3Ati%3A2%3Ast%3A1611850591
Requested by
Host: www.evermedtv.com
URL: https://www.evermedtv.com/polyfills.c095c3d954fa5eefbdb7.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.evermedtv.com/user/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Jan 2021 16:16:30 GMT
last-modified
Thu, 28-Jan-2021 16:16:30 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://www.evermedtv.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 28-Jan-2021 16:16:30 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| settimeout string| GoogleAnalyticsObject function| ga function| gtag object| dataLayer function| webpackJsonp object| core object| __core-js_shared__ function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader object| true object| __zone_symbol__loadfalse object| cookieconsent function| Hls function| __zone_symbol__ON_PROPERTYbeforeunload object| __zone_symbol__beforeunloadfalse function| flowplayer function| ResizeSensor function| StickySidebar object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| ngDevMode object| __zone_symbol__ON_PROPERTYmessage object| __zone_symbol__messagefalse boolean| _pdfjsCompatibilityChecked object| __zone_symbol__testfalse object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| _hjSettings function| hj object| google_tag_manager function| postscribe object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| _linkedin_data_partner_id object| uetq function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| mixpanel function| fbq function| _fbq function| ym function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| __zone_symbol__unloadfalse function| lintrk boolean| _already_called_lintrk function| UET object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse function| __zone_symbol__ON_PROPERTYload object| Ya object| __zone_symbol__messagetrue object| __zone_symbol__beforeunloadtrue object| __zone_symbol__unloadtrue object| __zone_symbol__loadtrue object| __zone_symbol__blurtrue object| __zone_symbol__focustrue object| __zone_symbol__clicktrue object| yaCounter62807125 object| __zone_symbol__mouseleavetrue object| __zone_symbol__resizetrue object| __zone_symbol__orientationchangetrue object| __zone_symbol__scrolltrue object| __zone_symbol__mousemovetrue object| __zone_symbol__mousedowntrue object| __zone_symbol__mouseuptrue object| __zone_symbol__touchmovetrue object| __zone_symbol__touchdowntrue object| __zone_symbol__selecttrue object| __zone_symbol__visibilitychangetrue object| __zone_symbol__keydowntrue object| __zone_symbol__keyuptrue object| _dcq object| _dcs object| _dcfg object| intlTelInputGlobals object| _dc undefined| Drip_117724496 undefined| Drip_835132013 function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

18 Cookies

Domain/Path Name / Value
.evermedtv.com/ Name: _ym_isad
Value: 2
.evermedtv.com/ Name: _ym_uid
Value: 1611850588491513804
www.evermedtv.com/ Name: _hjIncludedInSessionSample
Value: 0
.evermedtv.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
www.evermedtv.com/ Name: _hjIncludedInPageviewSample
Value: 1
.evermedtv.com/ Name: _hjFirstSeen
Value: 1
.evermedtv.com/ Name: _uetvid
Value: 2ce525d0618411eb8a6b878a9b46d856
.evermedtv.com/ Name: _uetsid
Value: 2ce4fba0618411eb9495c96844a7c8ff
.evermedtv.com/ Name: _gid
Value: GA1.2.1994635662.1611850587
.evermedtv.com/ Name: _gcl_au
Value: 1.1.945415573.1611850588
.evermedtv.com/ Name: _gat
Value: 1
.evermedtv.com/ Name: mp_3d8792e05fec2f660d1d816367ce6ba3_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217749c8206611d-0f0212ad653ddc-1b396256-1d4c00-17749c82067128%22%2C%22%24device_id%22%3A%20%2217749c8206611d-0f0212ad653ddc-1b396256-1d4c00-17749c82067128%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.evermedtv.com/ Name: _hjid
Value: 422d3adc-e93f-4a2d-bb4a-1d2355fc66c3
.evermedtv.com/ Name: _hjTLDTest
Value: 1
.evermedtv.com/ Name: _fbp
Value: fb.1.1611850588299.405202846
.evermedtv.com/ Name: _ym_visorc
Value: w
.evermedtv.com/ Name: _ym_d
Value: 1611850588
.evermedtv.com/ Name: _ga
Value: GA1.2.817015974.1611850587

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-js.mixpanel.com
api.getdrip.com
bat.bing.com
cdn.polyfill.io
cdn4.mxpnl.com
code.jquery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
mc.yandex.ru
ottoyes.com
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
tag.getdrip.com
vars.hotjar.com
www.evermedtv.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.194.11
13.224.194.129
13.224.194.69
13.225.80.24
143.204.93.95
172.217.21.194
18.203.1.140
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::200e
2a00:1450:4001:817::2003
2a00:1450:4001:825::2003
2a00:1450:4001:829::200a
2a00:1450:400c:c00::9a
2a02:26f0:6c00:28c::25ea
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::621
2a05:f500:10:101::b93f:9105
35.186.235.23
35.190.25.25
45.79.174.133
52.29.95.205
03b52a1594b643f27fdfc0ad86291bf36368dde44df9f07e1206b6fd3563bcab
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e63391c8dacd41b2e4837a597a609ee85e657301d72b78a4aaa06394060fd2d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1461c06a3126f18c405f2296975d1b3090b526510f68e3c9f9d1722cb767dc9f
1cb02b9389a7557d7894c115268fbbc79f67f32fa762208f92ca1fda18ab61ff
1e155b6557bddbcbb029fa92f72ec2f22a8dbf9ccff9e4abe8ff21519e453ba0
2f7d25275cf9ccb802154e572bc808e3c4533bc2004ccb65f4ccf35fc22b0a58
34fcae3cf94e02d46c230a5b7dd3827d612587164e048dcfe146518da1cb4ab0
402b4c5c7b4af432aff4cd45c45982025093867e514ce51091213f325c97573d
4a4f3551eb3eb9fd04ffad9130ac37aee284bf13955f59511db650be6c79aa71
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e52560116d970cb1d789e6d3ccb3f79fafdc7933962122315dfd4c0ac84b2e5
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
51946f86a4167749efeafd199726a80905112d9babcea24acccf3877888228af
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57ab1657b3ef103b9824066a46cd74f1bfb8f05ca081f813cb8cf76dc5030144
5a03c3b15bdc063061fcdc68f9eddc77ecd5d17ffae9a5f7f867434956644101
5b00efafd7e01a0a3c55646c7e45cccb58c3f52ccaf5b10a73bf5f0ffd782ffe
5da690e1fb7e6ccc2a28bb49a391835a4dd16329d9ae49ca69dd591d8cbcaab6
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7366a51c8d0282b32d47ca28160ee08a3e173410c19eef929117d250e87df89f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8250637b851048deb6042c7f5ab7412a55a204f80e8ffa64a471709d2f79ccb9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a4df5f922b474688b5ecaeb6cf4631ad8377768e5bccb645b59c56530cfa15aa
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
ae45a8e64e222ff020ebf63b232871b277b13d9ff89ee3826df65046e243b4cf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
c2d06ffc1438ef992bc5215183c24ea0f0df7433c1431268cc8c79cb56f86dcb
c4047031aa5b3f4bdc06aef178a89bc6331c10c408a4af6858dd1fac8c584a14
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
c8bab6553486712cd1b78aa3d681cc6662b7dc3c87539a64b9e59376ed94c8de
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
caf60679c939385073fbc60f20a57aebde426e6859cc347c63cafb6446d6307d
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
db9d6cf3c1c4b047c62f646e7d9991c06a212931c362bf53f9a2406b30f09466
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e72f42dd104af999cb18da73ff14ca58a6f217d2fb763ad376a088f7c1940d76
e82160607a217d079190023a60cdfb704ba1bcae370b4b8d39b909007fe4a164
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd1043c65bd0197bbc198b60849a0a1bbcef7a687388ac80c0c53af2f8e6dacc