www.medi.ceo Open in urlscan Pro
52.17.119.105 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.medi.ceo/
Effective URL:
https://www.medi.ceo/
Submission: On October 17 via api (October 17th 2023, 3:19:02 pm UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 8 domains to perform 54 HTTP transactions. The main IP is 52.17.119.105, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.medi.ceo.
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.

This is the only time www.medi.ceo was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.35.51.142 63.35.51.142	16509 (AMAZON-02) (AMAZON-02)
1	52.17.119.105 52.17.119.105	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:215... 2600:9000:2156:3800:12:9e5f:cac0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:230... 2600:9000:2304:5e00:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.232.47 52.222.232.47	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	18.66.112.80 18.66.112.80	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	44.209.39.140 44.209.39.140	14618 (AMAZON-AES) (AMAZON-AES)
2	54.146.153.6 54.146.153.6	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:215... 2600:9000:2156:7200:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:4a00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	44.218.113.159 44.218.113.159	() ()
4	3.86.120.180 3.86.120.180	() ()
54	15

1 63.35.51.142 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-51-142.eu-west-1.compute.amazonaws.com

www.medi.ceo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.119.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com

www.medi.ceo	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2156:3800:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets-global.website-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2304:5e00:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.232.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-232-47.fra56.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net

eu.posthog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.39.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-39-140.compute-1.amazonaws.com

api.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.153.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-153-6.compute-1.amazonaws.com

form.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:7200:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:4a00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.218.113.159 (None, )

ASN- ()

rudderstack-control-plane.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.86.120.180 (None, )

ASN- ()

rudderstack.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	website-files.com assets-global.website-files.com — Cisco Umbrella Rank: 11762	2 MB
15	typeform.com embed.typeform.com — Cisco Umbrella Rank: 24872 api.typeform.com — Cisco Umbrella Rank: 140124 form.typeform.com — Cisco Umbrella Rank: 49618 renderer-assets.typeform.com — Cisco Umbrella Rank: 38584 rudderstack-control-plane.cdp.prod.data.typeform.com rudderstack.cdp.prod.data.typeform.com	496 KB
13	gstatic.com fonts.gstatic.com	330 KB
3	posthog.com eu.posthog.com — Cisco Umbrella Rank: 60069	36 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405 fonts.googleapis.com — Cisco Umbrella Rank: 49	8 KB
2	medi.ceo 1 redirects www.medi.ceo	23 KB
1	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 13175	134 KB
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
54	8

	Domain	Requested by
18	assets-global.website-files.com	www.medi.ceo assets-global.website-files.com
13	fonts.gstatic.com	fonts.googleapis.com
4	rudderstack.cdp.prod.data.typeform.com	form.typeform.com
4	renderer-assets.typeform.com	form.typeform.com renderer-assets.typeform.com
3	eu.posthog.com	www.medi.ceo eu.posthog.com
2	rudderstack-control-plane.cdp.prod.data.typeform.com	form.typeform.com
2	form.typeform.com	embed.typeform.com form.typeform.com
2	embed.typeform.com	www.medi.ceo embed.typeform.com
2	www.medi.ceo	1 redirects
1	cdn.rudderlabs.com	renderer-assets.typeform.com
1	api.typeform.com	embed.typeform.com
1	fonts.googleapis.com	ajax.googleapis.com
1	d3e54v103j8qbb.cloudfront.net	www.medi.ceo
1	ajax.googleapis.com	www.medi.ceo
54	14

This site contains links to these domains. Also see Links.

Domain
toms-stunning-site-3ab0db.webflow.io
app.medi.ceo
apps.apple.com
play.google.com
www.instagram.com
www.linkedin.com
www.tiktok.com
medi.ceo
form.typeform.com

Subject Issuer	Validity	Valid
www.medi.ceo R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.website-files.com Amazon RSA 2048 M03	`2023-09-11` - `2024-10-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.typeform.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-27`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
eu.posthog.com Amazon RSA 2048 M03	`2023-08-09` - `2024-09-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
typeform.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
cdp.prod.data.typeform.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.medi.ceo/
Frame ID: 2D433EBC35FD40127291C127F505059E
Requests: 42 HTTP requests in this frame

Frame: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Frame ID: 77FA58877E784FD57EC448E89E31468A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MEDICEO - Die Toolbox für deinen Klinikalltag

Page URL History Show full URLs

http://www.medi.ceo/ HTTP 301
https://www.medi.ceo/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

100 %
HTTPS

47 %
IPv6

8
Domains

14
Subdomains

15
IPs

3
Countries

3409 kB
Transfer

5745 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://toms-stunning-site-3ab0db.webflow.io/

Search URL Search Domain Scan URL

URL: https://app.medi.ceo/?_ga=2.53202209.847156671.1696446584-886114358.1696337218
Title: Log in

Search URL Search Domain Scan URL

URL: https://app.medi.ceo/
Title: Registrieren

Search URL Search Domain Scan URL

URL: https://apps.apple.com/de/app/mediceo/id1629718911

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mediceo.app&pli=1

Search URL Search Domain Scan URL

URL: https://app.medi.ceo/?_ga=2.249215630.847156671.1696446584-886114358.1696337218

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.mediceo.app

Search URL Search Domain Scan URL

URL: https://app.medi.ceo/?_ga=2.216194463.847156671.1696446584-886114358.1696337218

Search URL Search Domain Scan URL

URL: https://www.instagram.com/medi.ceo/?hl=en

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/mediceo-gmbh/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@medi.ceo

Search URL Search Domain Scan URL

URL: https://medi.ceo/mediceo-lyra/
Title: Chat AI Lyra

Search URL Search Domain Scan URL

URL: https://form.typeform.com/to/kHzCIHci?typeform-source=medi.ceo
Title: Jetzt Feedback geben

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.medi.ceo/ HTTP 301
https://www.medi.ceo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.medi.ceo/
Redirect Chain

http://www.medi.ceo/
https://www.medi.ceo/

121 KB
23 KB

513ms
119ms

Document
text/html

52.17.119.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.17.119.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-119-105.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8716ea38d543475b98275d127b4ac6a98eaf315d8444abc717fcec1662d042d2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11809
content-encoding: gzip
content-length: 23071
content-type: text/html
date: Tue, 17 Oct 2023 15:18:55 GMT
vary: Accept-Encoding,x-wf-forwarded-proto
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-cluster-name: eu-west-1-prod-hosting-red
x-lambda-id: 829e941d-6fc6-4010-96bd-d190a615ce0f
x-served-by: cache-iad-kcgs7200129-IAD, cache-dub4331-DUB
x-timer: S1697555936.726840,VS0,VE2

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Tue, 17 Oct 2023 15:18:55 GMT
Location: https://www.medi.ceo/

GET
H2 200 toms-stunning-site-3ab0db.webflow.d678f872d.css
assets-global.website-files.com/651d7df329f290d6d82c064e/css/ 254 KB
34 KB 241ms
118ms Stylesheet
text/css 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f42ccfcefa439052738d1d882a29f4a784fcd6e1729176db03e366ac10aa7cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:21:48 GMT
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-version-id: Hjm0V2z95BNVaBfi4I5z0pxLXuO0EbLx
age: 14228
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 34714
last-modified: Tue, 17 Oct 2023 11:21:43 GMT
server: AmazonS3
etag: "180d61a3dae920975368f3fceefb8692"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: GkFsjAHUTDBXkLI-1M7u71xolgJqC52sBXc29M754HdvuFeSkqUzUA==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.medi.ceo
URL: https://www.medi.ceo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 04:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 04:47:36 GMT

GET
H2 200 embed.js Show response
embed.typeform.com/next/ 57 KB
12 KB 194ms
51ms Script
application/x-javascript 2600:9000:2304:5e00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/embed.js

Requested by

Host: www.medi.ceo
URL: https://www.medi.ceo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:5e00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

57ed2bcfb3e57124c256ed8b4fe480ea4b89d672f46c5ea787c0cc95fb868d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: X9HQgrlFzFJucu6lZ81GXUmGoP7glVKv
content-encoding: gzip
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 15:18:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: VIE50-P1
age: 10
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 07:57:14 GMT
server: AmazonS3
etag: W/"1206142968ba8ced80c6b5a5876cffb0"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=0, must-revalidate
x-amz-cf-id: 3a-iJzbg_8zseyHaszpTKsxQmnfAVfx_pb90LWVGki1hpb5-LvwuYw==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 145ms
47ms Script
application/javascript 52.222.232.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=651d7df329f290d6d82c064e
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.232.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-232-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.medi.ceo/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 12:24:37 GMT
content-encoding: br
via: 1.1 a2cac9c5f0e90f8b7fede4ac9aca75ca.cloudfront.net (CloudFront)
age: 27776
x-amz-cf-pop: FRA56-P4
x-cache: Hit from cloudfront
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
vary: Accept-Encoding
x-amz-cf-id: 2s4BS6P4fGdeYJ_zRs-5vlJuvzJF2fJ6MgzT2fK2UxaHWFRMMLsx-g==

GET
H2 200 webflow.826ae69a9.js Show response
assets-global.website-files.com/651d7df329f290d6d82c064e/js/ 404 KB
81 KB 158ms
52ms Script
text/javascript 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/js/webflow.826ae69a9.js
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbab7a9fb4a990c09dcfac21d48911dca8b1024319e6f81951b1356478568692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: MAPuOESrdxz5Zv_ex3YvHGKiMUMs0Q3m
content-encoding: gzip
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 08:55:16 GMT
age: 23020
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 82292
last-modified: Fri, 13 Oct 2023 22:00:05 GMT
server: AmazonS3
etag: "6547fb23eef88315c43cb3d3155b6712"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 1pweFdtvvPRnQ3UNKJRbS7Goa3D8T-byY_yizGg4qbPeLF-NgRpy8w==

GET
H2 200 css
fonts.googleapis.com/ 57 KB
2 KB 176ms
59ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CInter:100,200,300,regular,500,600,700,800,900

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d30d1d8a5f76d518c6af66679a8946db4630644e7db12b4c1ad1b6c61e3ab3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 17 Oct 2023 15:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 15:18:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 17 Oct 2023 15:18:56 GMT

GET
H2 200 array.js Show response
eu.posthog.com/static/ 116 KB
35 KB 220ms
49ms Script
application/javascript 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eu.posthog.com/static/array.js
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd0db7d29c221fbfb75787d73b7ad4cbd8ead007b5254a043af356c623fb0fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: 4omf8YOTN90rHX6rEyT6rwYoXN2B.O95
content-encoding: br
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 15:18:40 GMT
last-modified: Tue, 17 Oct 2023 13:51:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 21
x-amz-server-side-encryption: AES256
etag: W/"108fb3636c2ed4404064422526c69f9e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: d4yvI_l3rRrDwSvcDR2Q1SEafIitXtKYRQBRFkMQAf1m4P-50efjEg==

GET
H2 200 651dbc1084d836e6d5998ff0_StabSchwarz-1350x1536.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 814 KB
816 KB 51ms
49ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dbc1084d836e6d5998ff0_StabSchwarz-1350x1536.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8b1d6adfd5ec17851b45046728d9d7b44d285e4d0519b9944d6e0f31819eded

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: 4yahImUlW6Csnb3q7FolV3_Y22282VHE
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446776
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 833856
last-modified: Wed, 04 Oct 2023 19:25:05 GMT
server: AmazonS3
etag: "d6e336d399deb74897209e9a488e845c"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: pofTUgaHcUnvfg8Y_LbwtT3euiDR_dbCBLPfTrIPf_aG7Ex9_c8ZPQ==

GET
H2 200 651e191ed3229a3920527bb6_ipad-frame.webp
assets-global.website-files.com/651d7df329f290d6d82c064e/ 8 KB
8 KB 47ms
46ms Image
image/webp 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651e191ed3229a3920527bb6_ipad-frame.webp
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ddaeb848fb75237a3f7af0b3b0aa3b76e411fd8b43b72bc50d66c855897a1ff3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:42 GMT
x-amz-version-id: 81me2B81fjWZv.7mSVHEOzEbRuZWgEQV
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446775
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8164
last-modified: Thu, 05 Oct 2023 02:02:08 GMT
server: AmazonS3
etag: "ee814a00aed8239370eb5a279f968ce7"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: PfhabTgELn_5TyV8WHDkc3TzESMQRn0SGlRVCn86zEiv1BHommNUvw==

GET
H2 200 651eb444e761a2b4e1c8f433_BackgroundDots.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 289 KB
289 KB 192ms
191ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651eb444e761a2b4e1c8f433_BackgroundDots.png
Requested by: Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ee0f5ca93b1380d0fcff8118ac1691f3109349d38a1466cc8c13d419868e636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://assets-global.website-files.com/651d7df329f290d6d82c064e/css/toms-stunning-site-3ab0db.webflow.d678f872d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: 0xL5PrqCbIR2DcqMXaHb_gv09GM3MmvS
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446776
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 295518
last-modified: Thu, 05 Oct 2023 13:04:06 GMT
server: AmazonS3
etag: "52194b5389952665c167d66fad1b15c5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: tj5gY8JeeO__1QMfW7HkN5Q9KWzQI1WpGB4zAXqrKiX68MiwDOUszw==

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 651db990b2ef5504143845e6_MediceoLogo-1024x320.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 18 KB
19 KB 128ms
117ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651db990b2ef5504143845e6_MediceoLogo-1024x320.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b5897267075ac6d6b5ee7c1f122316f70e34dc28d3d8cd952889c70ee3e0c773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 14:14:29 GMT
x-amz-version-id: QuafAMuTj6DhIdkQt4r.ETcZixoHZNHS
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 435868
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18873
last-modified: Wed, 04 Oct 2023 19:14:26 GMT
server: AmazonS3
etag: "cb20f77a3eeb47fe6a331dfbd6d0c927"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: mfEVlnok_AHAVLDvrHx7zL_FkxgKVINs1quETbtkC6H-LLhyTDbN_g==

GET
H2 200 652e5bfcc3bd405fc0640297_user.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 12 KB
12 KB 130ms
120ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/652e5bfcc3bd405fc0640297_user.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d01340f1d6765e50d670ba8d7ef1f1cab1df0104e681390131c966a3c61ec14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:17:54 GMT
x-amz-version-id: OotkYILXgcBXxTAuNzgUiwfdislk.b3o
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 18063
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11933
last-modified: Tue, 17 Oct 2023 10:03:42 GMT
server: AmazonS3
etag: "8709df5793a40b64c9c6a0622e359cc0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 0oS692JoXBD-4Z-pZWy-wXboanfrX3rSbW8vX4rg_6o4F3-axh9klw==

GET
H2 200 652e5c3f7de52b4add195ef5_login.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 10 KB
10 KB 129ms
119ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/652e5c3f7de52b4add195ef5_login.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dce99c079da06d0a1f009d7c1be77f76df65dc1bf68985f99296781700e29a1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 10:17:54 GMT
x-amz-version-id: 4H7O7U06isAirZrXUiB9K3oXwXp.8mxz
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 18063
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9805
last-modified: Tue, 17 Oct 2023 10:04:49 GMT
server: AmazonS3
etag: "8a6ecbfa44d44743edd092adb1d84c12"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: Jim-mq7jFMb2cECg7W1T52L3hLVeSuIHy3---kzsiUF9Vl9vwOpEPg==

GET
H2 200 652323218f5a4e0ccc1f6e42_appstore.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 5 KB
6 KB 127ms
118ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/652323218f5a4e0ccc1f6e42_appstore.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b301d2e986ef31562b6931728175d57faa30de3b0c598b869762b666b1b60106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:40 GMT
x-amz-version-id: mM4Ws1v0hZ9uq0yKuGe.sNXdmc6.Wk7Y
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446777
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5340
last-modified: Sun, 08 Oct 2023 21:46:11 GMT
server: AmazonS3
etag: "d3e69da21e12b2942c91370d4d4f8a2e"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: dHAt6UVMVjFwGOMTKx3H0JmkHzh0CSudb67AZb9c8SN6G8_T13WVVw==

GET
H2 200 65232276d4d7a45f93324e1d_2%20(2).png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 10 KB
11 KB 129ms
120ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/65232276d4d7a45f93324e1d_2%20(2).png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01b22287b3d9ee18b4e1b50d1a174a670bca607ef7d7ccff7ff6392c668910f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:40 GMT
x-amz-version-id: e5PYx9L9zWJgI_ETLAemeiccfteY3AV5
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446777
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 10454
last-modified: Sun, 08 Oct 2023 21:43:20 GMT
server: AmazonS3
etag: "eff2d285bb19abfaba31795edac09a04"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 0NRGA5SIJaQKvxHEviv1l3TmL2XGREWewcGflTGq41-a3OZO5YfgDw==

GET
H2 200 65232274b97a83b9c2556402_3.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 9 KB
9 KB 130ms
122ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/65232274b97a83b9c2556402_3.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53b3646e6f7c19708018832281d9346b2e20a4a3b2ea0f8ee90183e977ddb0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:40 GMT
x-amz-version-id: gFsxSSSJ_3Wljd37XQrA4NnW0HbIHI1M
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446777
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 9232
last-modified: Sun, 08 Oct 2023 21:43:18 GMT
server: AmazonS3
etag: "c72527dd3bc4c5f850bb09ed4e2e7623"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: wbhcixwQpIsrPygJE1DPYBt6B-_jZRairq27_JSC5T-mri4Rc47O_Q==

GET
H2 200 651dbd24799bcbc140f0da55_Features3-1024x461.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 222 KB
223 KB 135ms
127ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dbd24799bcbc140f0da55_Features3-1024x461.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cefad82479c68d0f88d189fad1ee319e2cfdc074fe34f49098b11c8d79fc88b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:40 GMT
x-amz-version-id: .bYfFYtu.gyfOhHI6kf.63WNJDQESSMt
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446777
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 227493
last-modified: Wed, 04 Oct 2023 19:29:41 GMT
server: AmazonS3
etag: "5f937ca5ab1d07ed800c7bd5ad360815"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7tQNlYjhVkes8kZZEaYAePsmUawq4JoZRPA_m7eC4eqRHsCM-X6NNA==

GET
H2 200 651dbab85fa1c6b875af4729_BildHomeCTA-1024x785.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 601 KB
602 KB 139ms
131ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dbab85fa1c6b875af4729_BildHomeCTA-1024x785.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53e3365f787ca31aa5bf5a27a1d247822db83eb402699c6c30085520745f9f32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:35:49 GMT
x-amz-version-id: 6IpM9hz9GfjKWJGnLx1yMWeqR5Nb4QaR
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 445388
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 615477
last-modified: Wed, 04 Oct 2023 19:19:22 GMT
server: AmazonS3
etag: "236e297d4fdff2e35480e0e8da8a5561"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 3biWcujYuXeQ9bRdtiSeCS0DTPqVNt_j1h4Jz8GeYWBapUansO1TXg==

GET
H2 200 651dc0bab3f81bdf55abebc9_Rating-1024x307.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 73 KB
74 KB 163ms
155ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dc0bab3f81bdf55abebc9_Rating-1024x307.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 062182477adacb58acc5cd4b94f98523c9971d3494544d9d7bb9970726fc6d13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: .QHPCTS1gi7zgj3peAHOrbDSAxY8wvcx
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446776
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74949
last-modified: Wed, 04 Oct 2023 19:45:00 GMT
server: AmazonS3
etag: "afd6789bf83fba1f92c2f5e14446de23"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: OC_8uvl_tiudOC3TxHJy_OI7ma0PzKSe8YJ3nRuHQ0eJAgtSWxbiUg==

GET
H2 200 651dc0cec9f40985e53985f4_Medizinprodukt-1024x307.png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 36 KB
36 KB 162ms
155ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dc0cec9f40985e53985f4_Medizinprodukt-1024x307.png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed022ac0a01f878757a9411915b158131972250694ffe6aac7eb019db3ac7d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: RWwqibBHg4vFq0kcs1hqselPjmLBEeuX
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446776
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 36806
last-modified: Wed, 04 Oct 2023 19:45:19 GMT
server: AmazonS3
etag: "6bc90f1d3a29147ff0b91781afed105a"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 7jzufJ8BNWAkNScCU8TsVvvqEpKLuZIThpT9Uo2TBTZOMsTU9isOww==

GET
H2 200 651dc0dd1100a35299ae26b3_400PostitveBewertungen-1-1024x307%20(1).png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 56 KB
56 KB 163ms
156ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dc0dd1100a35299ae26b3_400PostitveBewertungen-1-1024x307%20(1).png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9dac46df48f84d10c4baa4ea240110fdfa3c4d39fd8dbb9e8c15d46f6b635e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: OEbi1Jap2E7rHywVl64Mpml7r5fTnY2W
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446776
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 57220
last-modified: Wed, 04 Oct 2023 19:45:34 GMT
server: AmazonS3
etag: "9286f0133c8ce91fa4e94b9b0149bad5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: HXbHFdOqCFW_L9XWmiHpe3fYcRcEbU59RU20Jk7fOfL-VxD3vLcNXg==

GET
H2 200 651dc0f03db8bbacc1290adb_Logo2-1024x307%20(1).png
assets-global.website-files.com/651d7df329f290d6d82c064e/ 61 KB
62 KB 163ms
156ms Image
image/png 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/651dc0f03db8bbacc1290adb_Logo2-1024x307%20(1).png
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8aa4dca78911f0f7edfae834be2c56a2ed3e3079030538fd6829944bb14a9197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: UWpGRNX9QHr7bugczjL.Du6YgsHsfqGd
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446775
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 62895
last-modified: Wed, 04 Oct 2023 19:45:54 GMT
server: AmazonS3
etag: "193bc261545512c252d93bcab1cfa996"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: ld1PkQ-CiFxQf4Tb9MsaWMMJyvEPSy7k8zdzf-Rz_1042dedVZLazQ==

GET
H2 200 65257aa567346b6928bb0bbd_3versuch.svg
assets-global.website-files.com/651d7df329f290d6d82c064e/ 814 B
1 KB 160ms
155ms Image
image/svg+xml 2600:9000:2156:3800:12:9e5f:cac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-global.website-files.com/651d7df329f290d6d82c064e/65257aa567346b6928bb0bbd_3versuch.svg
Requested by: Host: www.medi.ceo
URL: https://www.medi.ceo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3053b802cd1ff1bef8d9615d5835322322e81374be2eccf0eb11fc78ff993f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 11:12:41 GMT
x-amz-version-id: fpWcUtzTj5j3p.xa0dKLfJYlLVTdD9hP
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
age: 446775
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 814
last-modified: Tue, 10 Oct 2023 16:24:08 GMT
server: AmazonS3
etag: "b0e9788e069d170b973f1cddad3d66ca"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: KKtYmGPKfPJ5jQnp9HlDC0Evu3LNCY4quUTjj3uo_5IEoHxysa2A8Q==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 150ms
53ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CLato:100,100italic,300,300italic,400,400italic,700,700italic,900,900italic%7CInter:100,200,300,regular,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:19:49 GMT
x-content-type-options: nosniff
age: 421147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:19:49 GMT

GET
H2 200 01HCYQZ15WK6W5P1HAFT050BXR Show response
api.typeform.com/single-embed/ 260 B
1 KB 1258ms
710ms Fetch
text/plain 44.209.39.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.typeform.com/single-embed/01HCYQZ15WK6W5P1HAFT050BXR

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.209.39.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-209-39-140.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

425b8e01af50310b87dec1daaaf4c8d0009efcd656d523c5c967a5ecabdea8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 15:18:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains
server: istio-envoy
traceparent: 00-8625ba3e9d52a0ef271a9e58a821a24f-8463b73ee44a2ce7-01
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
content-type: text/plain; charset=utf-8
x-release: 6010516253
access-control-allow-origin: https://www.medi.ceo
access-control-expose-headers: Location, X-Request-Id
x-envoy-upstream-service-time: 5
x-commit-sha: 325876940d02d4e7df7f4742b6f38803f5a15a75
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
content-length: 260
x-build-date: 2023-08-29T11:38:27+02:00

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 213ms
190ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 18:17:59 GMT
x-content-type-options: nosniff
age: 421257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 18:17:59 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 33 KB
34 KB 131ms
109ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 19:03:01 GMT
x-content-type-options: nosniff
age: 418555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 19:03:01 GMT

GET
H2 200 S6u8w4BMUTPHh30AXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 21 KB
21 KB 194ms
173ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHh30AXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:56:47 GMT
x-content-type-options: nosniff
age: 19329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21508
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:56:47 GMT

GET
H2 200 S6u-w4BMUTPHjxsIPx-oPCI.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 200ms
178ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u-w4BMUTPHjxsIPx-oPCI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:17:41 GMT
x-content-type-options: nosniff
age: 428475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:17:41 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 223ms
202ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 07:52:55 GMT
x-content-type-options: nosniff
age: 113161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Oct 2024 07:52:55 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 17 KB
17 KB 225ms
204ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:40:05 GMT
x-content-type-options: nosniff
age: 315531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17728
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 23:40:05 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 204ms
183ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 474010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 03:38:46 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 154ms
133ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 23:21:56 GMT
x-content-type-options: nosniff
age: 316620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 23:21:56 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 185ms
164ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 426244
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 16:54:52 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 169ms
148ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Fri, 13 Oct 2023 04:10:54 GMT
x-content-type-options: nosniff
age: 385682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Oct 2024 04:10:54 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 241ms
221ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 21:39:44 GMT
x-content-type-options: nosniff
age: 409152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Oct 2024 21:39:44 GMT

GET
H2 200 S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 243ms
222ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI3wi_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.medi.ceo
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 16:38:17 GMT
x-content-type-options: nosniff
age: 254439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23736
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 16:38:17 GMT

POST
H2 200 / Show response
eu.posthog.com/e/ 13 B
427 B 56ms
53ms XHR
application/json 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.posthog.com/e/?ip=1&_=1697555936514&ver=1.83.2

Requested by

Host: eu.posthog.com
URL: https://eu.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-80.fra56.r.cloudfront.net

Software

Resource Hash

7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medi.ceo/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Oct 2023 15:18:56 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.medi.ceo
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: g0mPk8PNCs0f9uTRo32pX40OHT7ebT9FeudVJ6S-6QiVtPKXFHAm5Q==

POST
H2 200 / Show response
eu.posthog.com/decide/ 542 B
956 B 78ms
75ms XHR
application/json 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.posthog.com/decide/?v=3&ip=1&_=1697555936515&ver=1.83.2

Requested by

Host: eu.posthog.com
URL: https://eu.posthog.com/static/array.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-80.fra56.r.cloudfront.net

Software

Resource Hash

9537cffa06dbf07c23f6e83e4036fb3413f422ffdbbad9d35772ee26fad33e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.medi.ceo/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Oct 2023 15:18:56 GMT
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
referrer-policy: same-origin
x-amz-cf-pop: FRA56-P5
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.medi.ceo
x-cache: Miss from cloudfront
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type
x-amz-cf-id: 43rxDO6BB6_sl5_KbiTaZLAACs0XyvQcvc7aCIr2s_MDyHVJ6---4A==

GET
H2 200 widget.css
embed.typeform.com/next/css/ 1 KB
937 B 49ms
48ms Stylesheet
text/css 2600:9000:2304:5e00:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/css/widget.css

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:5e00:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

497f6448ff156b6376433b0fa5b6a379384ab71d48e507c54383422c329f6c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.medi.ceo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: nSjCKbaSvQ.CPdmDoHYQa4AIiT0tiELf
content-encoding: gzip
via: 1.1 7813cdcdfb1cffa9f5c7d09f66440476.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 15:18:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: VIE50-P1
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 03 Oct 2023 07:57:14 GMT
server: AmazonS3
etag: W/"5fbc51d6865f7f4bcdfde00acd98f666"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, must-revalidate
x-amz-cf-id: 9jFkntowAKBkQXhyxScFQwTIYcld-lzzP698j5nqv8GvUU_4NhbPKw==

GET
H2 200 kHzCIHci Show response
form.typeform.com/to/ Frame 77FA 201 KB
65 KB 625ms
290ms Document
text/html 54.146.153.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.153.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-153-6.compute-1.amazonaws.com

Software

istio-envoy / 8335-7.98.18

Resource Hash

7d92b6d646199ef4e1cf5623623bdd5bfb6f4ee5cc225ceaa393903ac3603375

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://www.medi.ceo/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 0
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Tue, 17 Oct 2023 15:18:58 GMT
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-cache: MISS
x-cache-lookup: HIT
x-envoy-upstream-service-time: 150
x-powered-by: 8335-7.98.18
x-varnish: 110544094

GET
H2 200 modern-renderer.2753d704b7d87f6f318d.js Show response
renderer-assets.typeform.com/ Frame 77FA 930 KB
277 KB 192ms
48ms Script
application/x-javascript 2600:9000:2156:7200:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/modern-renderer.2753d704b7d87f6f318d.js

Requested by

Host: form.typeform.com
URL: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7200:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

39c34a386d86273952e5ba30a9cb80b8cbd7e39f42ade4bce0069a425dd15aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Origin: https://form.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id: H0l4x4VOsN.fVMTua1JH7Wgn4o_9k_i.
content-encoding: gzip
via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
date: Tue, 17 Oct 2023 07:56:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA50-C1
age: 26557
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 12:49:45 GMT
server: AmazonS3
etag: W/"60af00810a97acee65a6c17a9665e548"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=2419200
x-amz-cf-id: TISxZXag9n-nFcg3EaY3BwjIgto9rmIKz5PttvYNiP4P3UbUA3cCGg==

GET
H3 200 vendors~form~blocks-validation-phone_number.c4084deb03a503f57857.renderer.js Show response
renderer-assets.typeform.com/ Frame 77FA 119 KB
31 KB 125ms
43ms Script
application/x-javascript 2600:9000:2156:7200:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number.c4084deb03a503f57857.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2753d704b7d87f6f318d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2156:7200:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9956057a5efbec89e62caaf9863ef0e92f2fd50061a28dfff635ff2d1ad4c881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: KvwbHkud5hP.I23FlIW4pMRkMJyiTH7.
content-encoding: gzip
date: Tue, 17 Oct 2023 07:19:46 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 28754
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 12 Oct 2023 10:22:39 GMT
server: AmazonS3
etag: W/"1f85d032e8d6f416fac644d156282dca"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: dApM4CvqOsSZndpeCPeDuYGRQBbVoAP5p9UojwUmmZZWxw6Sg_Xk_A==

GET
H3 200 vendors~form.3e3f0afc67eac9ed1db4.renderer.js Show response
renderer-assets.typeform.com/ Frame 77FA 217 KB
65 KB 126ms
46ms Script
application/x-javascript 2600:9000:2156:7200:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/vendors~form.3e3f0afc67eac9ed1db4.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2753d704b7d87f6f318d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2156:7200:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

983b7adabbe58b50bf65ed69acb0a67ac7550978865d473040ee4a7e2e7cdc29

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: PwvT5NN14YadDhrAzIAort.YXEkLxCWX
content-encoding: gzip
date: Tue, 17 Oct 2023 07:56:24 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 26556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 12:49:45 GMT
server: AmazonS3
etag: W/"b606168cd065ff7af5f53c2f4f431047"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: _an1s8fKws-kezTIPMIlTR2Ap6fUuJTtK20aDAwx6RrqQm0IbKBldg==

GET
H3 200 form.3a35147e1b979fd8b48a.renderer.js Show response
renderer-assets.typeform.com/ Frame 77FA 145 KB
43 KB 132ms
49ms Script
application/x-javascript 2600:9000:2156:7200:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/form.3a35147e1b979fd8b48a.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.2753d704b7d87f6f318d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2156:7200:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e30254fc6f42a0228e585616bb446c31772824b1b2c3600218441f83c85f2c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: VhGNgPGSt99PGGVKvNu3chI1d1BzPGwx
content-encoding: gzip
date: Tue, 17 Oct 2023 07:56:24 GMT
via: 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
age: 26556
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 13 Oct 2023 12:49:45 GMT
server: AmazonS3
etag: W/"8e618057eefdcbe4de31de64c1f6f1bc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: lXGa7fvPu6uY5bs_Mp5izsNpnWJH0MT2wRQN6EwanKKfyCR80SJtmw==

POST
H2 200 view-form-open Show response
form.typeform.com/forms/kHzCIHci/insights/events/v3/ Frame 77FA 2 B
907 B 146ms
142ms Fetch
application/json 54.146.153.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/forms/kHzCIHci/insights/events/v3/view-form-open

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.146.153.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-146-153-6.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 17 Oct 2023 15:18:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-backend: papi
server: istio-envoy
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
x-release: 6535698201
content-type: application/json
access-control-allow-origin: https://form.typeform.com
access-control-expose-headers: Location, X-Request-Id
x-envoy-upstream-service-time: 1
x-service: insights-3.0
x-commit-sha: 863ca93ab8d8cac0aafb9a18db55f79b8ecfe989
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
content-length: 2
x-build-date: 2023-10-16T17:17:58+02:00

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ Frame 77FA 467 KB
134 KB 585ms
480ms Script
text/javascript 2600:9000:214f:4a00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.3e3f0afc67eac9ed1db4.renderer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4a00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 15:19:01 GMT
content-encoding: gzip
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified: Mon, 29 May 2023 08:37:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"65c4d4ade45e1dcd64e310e0429062fd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QJQoZyD9mot13njQYTDXJx15n3o3wEsHNkZEfPSx6QcZPXqSyHqhEA==

GET
H2 200 / Show response
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 77FA 610 B
744 B 141ms
141ms XHR
application/json 44.218.113.159

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.113.159 -, , ASN (),
Reverse DNS
Software: uvicorn /
Resource Hash: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Oct 2023 15:19:01 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 610
content-type: application/json

OPTIONS
H2 200 /
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 0
0 471ms
139ms Preflight
text/plain 44.218.113.159

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.218.113.159 -, , ASN (),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Tue, 17 Oct 2023 15:19:01 GMT
server: uvicorn
vary: Origin

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 77FA 2 B
157 B 150ms
149ms XHR
text/plain 3.86.120.180

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.120.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
AnonymousId: NWVlOTZlNWUtODU0Mi00MWJkLWEzODEtNTY5NDNiMTdiNjVk
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Tue, 17 Oct 2023 15:19:01 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 501ms
139ms Preflight 3.86.120.180

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.120.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Tue, 17 Oct 2023 15:19:01 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 77FA 2 B
157 B 154ms
154ms XHR
text/plain 3.86.120.180

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.120.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/kHzCIHci?typeform-embed-id=2594410983641926&typeform-embed=embed-widget&typeform-source=medi.ceo&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
AnonymousId: NWVlOTZlNWUtODU0Mi00MWJkLWEzODEtNTY5NDNiMTdiNjVk
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Tue, 17 Oct 2023 15:19:01 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 141ms
140ms Preflight 3.86.120.180

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.120.180 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Tue, 17 Oct 2023 15:19:01 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.medi.ceo/	1970-01-21 00:18:11	Name: ph_phc_RYChOHs7WUKynt9w1LPcoGJgDKeVThBpV2kMBLJES6i_posthog Value: %7B%22distinct_id%22%3A%22018b3e37-f4fd-7e36-9c60-d7071d08b9a9%22%2C%22%24device_id%22%3A%22018b3e37-f4fd-7e36-9c60-d7071d08b9a9%22%2C%22%24user_state%22%3A%22anonymous%22%2C%22%24sesid%22%3A%5B1697555936511%2C%22018b3e37-f4ff-7290-9d59-fb775ad914b0%22%2C1697555936511%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24autocapture_disabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%22has-clinic%22%2C%22is-initial-payment%22%5D%2C%22%24enabled_feature_flags%22%3A%7B%22has-clinic%22%3A%22control%22%2C%22is-initial-payment%22%3A%22control%22%2C%22survey-targeting-test-survey%22%3Afalse%2C%22show-lyra%22%3Afalse%2C%22use-dev-url%22%3Afalse%2C%22reanimation-assistent%22%3Afalse%7D%2C%22%24feature_flag_payloads%22%3A%7B%7D%7D
.typeform.com/	1970-01-20 19:56:07	Name: tf_respondent_cc Value: {%22groups%22:[%222%22%2C%223%22%2C%224%22]%2C%22timestamp%22:%222023-10-17T15:18:59.513Z%22%2C%22implicitConsent%22:true}
.typeform.com/	1970-01-21 00:18:11	Name: attribution_user_id Value: 4920623f-0b9c-4b27-8537-839c69061d39
form.typeform.com/	1970-01-20 15:42:40	Name: AWSALBTGCORS Value: EYoZmXU6zmWIxIPQvLGUgtfysxXZP9Htk3QsqDU1IWXsJQQqaJa1rmWxZDW3pj/0Sy9HgjZNo6CIbPluCC3GcoT/B+l1wmuIoqT+Ks9axVh+FPBVi+st9t18kzQSvwu7HQ0H2GK2xXbU6Dd2VFan9EIcFF9lFP+TuuMClwHL8bnZ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.typeform.com
assets-global.website-files.com
cdn.rudderlabs.com
d3e54v103j8qbb.cloudfront.net
embed.typeform.com
eu.posthog.com
fonts.googleapis.com
fonts.gstatic.com
form.typeform.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
www.medi.ceo
18.66.112.80
2600:9000:214f:4a00:16:a497:9700:93a1
2600:9000:2156:3800:12:9e5f:cac0:93a1
2600:9000:2156:7200:4:f6ce:61c0:93a1
2600:9000:2304:5e00:2:c605:29c0:93a1
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82b::200a
3.86.120.180
44.209.39.140
44.218.113.159
52.17.119.105
52.222.232.47
54.146.153.6
63.35.51.142
01b22287b3d9ee18b4e1b50d1a174a670bca607ef7d7ccff7ff6392c668910f5
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
062182477adacb58acc5cd4b94f98523c9971d3494544d9d7bb9970726fc6d13
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0d30d1d8a5f76d518c6af66679a8946db4630644e7db12b4c1ad1b6c61e3ab3a
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
1cefad82479c68d0f88d189fad1ee319e2cfdc074fe34f49098b11c8d79fc88b
1d01340f1d6765e50d670ba8d7ef1f1cab1df0104e681390131c966a3c61ec14
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
39c34a386d86273952e5ba30a9cb80b8cbd7e39f42ade4bce0069a425dd15aeb
3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1
425b8e01af50310b87dec1daaaf4c8d0009efcd656d523c5c967a5ecabdea8c4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
497f6448ff156b6376433b0fa5b6a379384ab71d48e507c54383422c329f6c93
53b3646e6f7c19708018832281d9346b2e20a4a3b2ea0f8ee90183e977ddb0b0
53e3365f787ca31aa5bf5a27a1d247822db83eb402699c6c30085520745f9f32
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57ed2bcfb3e57124c256ed8b4fe480ea4b89d672f46c5ea787c0cc95fb868d19
5ee0f5ca93b1380d0fcff8118ac1691f3109349d38a1466cc8c13d419868e636
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
7d92b6d646199ef4e1cf5623623bdd5bfb6f4ee5cc225ceaa393903ac3603375
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8716ea38d543475b98275d127b4ac6a98eaf315d8444abc717fcec1662d042d2
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8aa4dca78911f0f7edfae834be2c56a2ed3e3079030538fd6829944bb14a9197
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9537cffa06dbf07c23f6e83e4036fb3413f422ffdbbad9d35772ee26fad33e12
983b7adabbe58b50bf65ed69acb0a67ac7550978865d473040ee4a7e2e7cdc29
9956057a5efbec89e62caaf9863ef0e92f2fd50061a28dfff635ff2d1ad4c881
a79b4c65b454a795ff3868156f54be09ac8360b9fd3ba21431b5c48fd9b66afa
a961366b4346f6078cc2f164d2c019f63b37e2693f6fc93a995048a98b25c083
b19efe906c9b0345db45525ed83c76031644e39329a36d39badf5275bce363c2
b301d2e986ef31562b6931728175d57faa30de3b0c598b869762b666b1b60106
b5897267075ac6d6b5ee7c1f122316f70e34dc28d3d8cd952889c70ee3e0c773
b8b1d6adfd5ec17851b45046728d9d7b44d285e4d0519b9944d6e0f31819eded
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c3053b802cd1ff1bef8d9615d5835322322e81374be2eccf0eb11fc78ff993f4
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d32335c2c5fd5de9ee5f3d3b1fe4d9dde14aad16eda570a35018b0ff1dc093d2
dce99c079da06d0a1f009d7c1be77f76df65dc1bf68985f99296781700e29a1d
ddaeb848fb75237a3f7af0b3b0aa3b76e411fd8b43b72bc50d66c855897a1ff3
e30254fc6f42a0228e585616bb446c31772824b1b2c3600218441f83c85f2c17
ed022ac0a01f878757a9411915b158131972250694ffe6aac7eb019db3ac7d7b
f42ccfcefa439052738d1d882a29f4a784fcd6e1729176db03e366ac10aa7cb7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9dac46df48f84d10c4baa4ea240110fdfa3c4d39fd8dbb9e8c15d46f6b635e9
fbab7a9fb4a990c09dcfac21d48911dca8b1024319e6f81951b1356478568692
fd0db7d29c221fbfb75787d73b7ad4cbd8ead007b5254a043af356c623fb0fa1

www.medi.ceo Open in urlscan Pro 52.17.119.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

47 %IPv6

8 Domains

14 Subdomains

15 IPs

3 Countries

3409 kBTransfer

5745 kBSize

4 Cookies

13 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.medi.ceo Open in urlscan Pro
52.17.119.105 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

47 %
IPv6

8
Domains

14
Subdomains

15
IPs

3
Countries

3409 kB
Transfer

5745 kB
Size

4
Cookies

54 HTTP transactions
1 data transactions