r3medical.com Open in urlscan Pro
72.52.135.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://r3medical.com/
Submission: On May 06 via manual (May 6th 2023, 1:47:06 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 18 domains to perform 83 HTTP transactions. The main IP is 72.52.135.219, located in United States and belongs to LIQUIDWEB, US. The main domain is r3medical.com.

This is the only time r3medical.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	72.52.135.219 72.52.135.219	32244 (LIQUIDWEB) (LIQUIDWEB)
4	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2 2	2606:4700:20:... 2606:4700:20::ac43:4879	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:8c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
5	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:214... 2600:9000:214f:a800:5:8f6d:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2 4	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	143.204.89.73 143.204.89.73	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
11	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
1	75.101.184.39 75.101.184.39	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.22.208.219 52.22.208.219	14618 (AMAZON-AES) (AMAZON-AES)
2	52.219.220.56 52.219.220.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.219.80.168 52.219.80.168	16509 (AMAZON-02) (AMAZON-02)
83	22

1 72.52.135.219 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host2.charleygreene.com

r3medical.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4879 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

sellwithchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:8c3 (United States)

ASN13335 (CLOUDFLARENET, US)

sellwithchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:a800:5:8f6d:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

i.tryinteract.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.202.21.90 (Council Bluffs, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

usleadnetwork.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.89.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-73.fra50.r.cloudfront.net

quiz.tryinteract.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.184.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-184-39.compute-1.amazonaws.com

quiz.api.tryinteract.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.208.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-208-219.compute-1.amazonaws.com

a2.tryinteract.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.219.220.56 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.80.168 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

agent-alias.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 60	247 KB
12	typekit.net use.typekit.net — Cisco Umbrella Rank: 432 p.typekit.net — Cisco Umbrella Rank: 559	175 KB
10	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 33811	5 KB
8	gstatic.com fonts.gstatic.com	231 KB
6	tryinteract.com i.tryinteract.com — Cisco Umbrella Rank: 86522 quiz.tryinteract.com — Cisco Umbrella Rank: 137407	245 KB
6	sellwithchat.com 2 redirects sellwithchat.com — Cisco Umbrella Rank: 406756	248 KB
5	center.io js.center.io — Cisco Umbrella Rank: 41154	20 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 ajax.googleapis.com — Cisco Umbrella Rank: 328	37 KB
4	lpages.co 2 redirects usleadnetwork.lpages.co	47 KB
3	amazonaws.com s3-us-west-1.amazonaws.com agent-alias.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 99911	120 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 150	70 KB
3	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 39083	44 KB
2	tryinteract.io quiz.api.tryinteract.io — Cisco Umbrella Rank: 145786 a2.tryinteract.io — Cisco Umbrella Rank: 150675	4 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 793	7 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2738	915 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	185 B
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 52089	15 KB
1	r3medical.com r3medical.com	22 KB
83	18

	Domain	Requested by
15	lh3.googleusercontent.com	r3medical.com
11	use.typekit.net	quiz.tryinteract.com
10	api.leadpages.io	js.center.io static.leadpages.net embed.lpcontent.net
8	fonts.gstatic.com	fonts.googleapis.com
6	sellwithchat.com	2 redirects r3medical.com sellwithchat.com
5	js.center.io	r3medical.com js.center.io usleadnetwork.lpages.co
4	quiz.tryinteract.com	i.tryinteract.com quiz.tryinteract.com
4	usleadnetwork.lpages.co	2 redirects static.leadpages.net embed.lpcontent.net
4	fonts.googleapis.com	r3medical.com quiz.tryinteract.com usleadnetwork.lpages.co
3	connect.facebook.net	r3medical.com connect.facebook.net
3	static.leadpages.net	r3medical.com usleadnetwork.lpages.co
2	s3-us-west-1.amazonaws.com	r3medical.com
2	i.tryinteract.com	r3medical.com quiz.tryinteract.com
1	agent-alias.s3.us-east-2.amazonaws.com
1	maxcdn.bootstrapcdn.com	usleadnetwork.lpages.co
1	ajax.googleapis.com	sellwithchat.com
1	a2.tryinteract.io	i.tryinteract.com
1	p.typekit.net	r3medical.com
1	quiz.api.tryinteract.io	quiz.tryinteract.com
1	cdn.polyfill.io	quiz.tryinteract.com
1	www.facebook.com	r3medical.com
1	embed.lpcontent.net	r3medical.com
1	r3medical.com
83	23

This site contains links to these domains. Also see Links.

Domain
event.webinarjam.com

Subject Issuer	Validity	Valid
static.leadpages.net GTS CA 1D4	`2023-04-25` - `2023-07-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
embed.lpcontent.net GTS CA 1D4	`2023-04-11` - `2023-07-10`	3 months	crt.sh
js.center.io GTS CA 1D4	`2023-03-25` - `2023-06-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-12` - `2023-05-13`	3 months	crt.sh
i.tryinteract.com Amazon RSA 2048 M02	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.lpages.co R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.leadpages.io Go Daddy Secure Certificate Authority - G2	`2022-10-27` - `2023-10-22`	a year	crt.sh
quiz.tryinteract.com Amazon RSA 2048 M01	`2022-12-22` - `2024-01-20`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
quiz.api.tryinteract.io R3	`2023-05-03` - `2023-08-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
*.tryinteract.io Amazon RSA 2048 M02	`2023-02-20` - `2023-07-21`	5 months	crt.sh
*.s3-us-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-01-21`	9 months	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2024-02-28`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://r3medical.com/
Frame ID: 224F8CEA2625DFB6821AD63F59959E98
Requests: 41 HTTP requests in this frame

Frame: https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/
Frame ID: 6330D8AE49B8F062AE01C2D32C6F5E07
Requests: 8 HTTP requests in this frame

Frame: https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/
Frame ID: 40DE1C521E5358ADFEE6079F37330D84
Requests: 5 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: AD3D825671FFD18D6D360286D0B86EFE
Requests: 1 HTTP requests in this frame

Frame: https://quiz.tryinteract.com/
Frame ID: 3366E0F318B61BA6BD70ACF6644E34F1
Requests: 26 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 29B5A04FB3C6EBB9C4269C76EEDAB0DA
Requests: 1 HTTP requests in this frame

Frame: https://agent-alias.s3.us-east-2.amazonaws.com/mg__7979.png
Frame ID: 77F37A265069EEC277093CB3CEF060F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Regenerative Procedure Insurance Program

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

83
Requests

96 %
HTTPS

61 %
IPv6

18
Domains

23
Subdomains

22
IPs

2
Countries

1536 kB
Transfer

3673 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://event.webinarjam.com/register/9/62x71to
Title: REGISTER FOR WEBINAR

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://sellwithchat.com/scripts/invitation.ashx?company=r3medical HTTP 301
https://sellwithchat.com/scripts/invitation.ashx?company=r3medical

Request Chain 22

http://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/ HTTP 301
https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/

Request Chain 25

http://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/ HTTP 301
https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/

Request Chain 64

http://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&profileId=179152&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer= HTTP 301
https://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&profileId=179152&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer=

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
r3medical.com/ 109 KB
22 KB 1359ms
621ms Document
text/html 72.52.135.219
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: http://r3medical.com/
Protocol: HTTP/1.1
Server: 72.52.135.219 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host2.charleygreene.com
Software: Apache /
Resource Hash: 3ae29beea4704cd7ccc27bdf0182c991708bc8f0706eaf4fe3138c1710a1a54f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Upgrade, Keep-Alive
Content-Encoding: gzip
Content-Length: 21888
Content-Type: text/html; charset=UTF-8
Date: Sat, 06 May 2023 13:46:58 GMT
Keep-Alive: timeout=2, max=500
Server: Apache
Upgrade: h2,h2c
Vary: Accept-Encoding,User-Agent

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ 58 KB
15 KB 156ms
40ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:01:05 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 308754
etag: "BTybeQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 0818dbc07bad12054208afc3e76df105
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Thu, 02 May 2024 00:01:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 139ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre%20Franklin:300,400,500,700

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e84279b1548febfa2f875b02a56f7f1feafac4b0fac86a8ca2aac6917a02d6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 May 2023 13:46:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 May 2023 13:46:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 May 2023 13:46:59 GMT

GET
H2 200 embed.js Show response
static.leadpages.net/leadbars/current/ 45 KB
16 KB 41ms
41ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/leadbars/current/embed.js
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 304cbf293fdb3c3b8b362cb747707db75b3d46144e1251a4f8a3eae2e9a88eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:42:34 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 265
etag: "S86klQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 919e0177056745f36b2ddbfd6c1a671f
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15839
expires: Sat, 06 May 2023 13:47:34 GMT

GET
H2

200

invitation.ashx Show response
sellwithchat.com/scripts/
Redirect Chain

http://sellwithchat.com/scripts/invitation.ashx?company=r3medical
https://sellwithchat.com/scripts/invitation.ashx?company=r3medical

3 KB
3 KB

779ms
690ms

Script
text/javascript

2606:4700:20::681a:8c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sellwithchat.com/scripts/invitation.ashx?company=r3medical
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Server: 2606:4700:20::681a:8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd7093d94f933ffea6730fe47d576cb15264297a64deb6df44c146b23f2ade29

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 2212
x-ua-compatible: IE=edge
request-context: appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu7lNtMbfYNUTfsbn0NngE7dhNE5igck6ECfSnntYmwnA9Fpc77D9tc%2Fm3JLMVwopyzwsSH1mTh8I0T4z%2FuQzE3qbEMYw8Wsuqqudu9Q4twiLAa9ekPjXBFFjinD2E1Zb7KrmaGwVLSK5bGRPSs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Request-Context
cache-control: private,no-transform
cf-ray: 7c31ac29082237fe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

Redirect headers

Date: Sat, 06 May 2023 13:46:59 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hgv59HkvZy%2FdABgBQOInlRoIQ13yr2QhEHwynTk6Atlo6I58Xh%2FY15CPzbhR1a2Uft%2BpJJ11WIWYMHD9GKQM9xuf285LfyDwhXHKfHXe7LVCcxhzlqIjufnRnqsN8eDXmL7JRFGBchlZFa3Vny4%3D"}],"group":"cf-nel","max_age":604800}
Location: https://sellwithchat.com/scripts/invitation.ashx?company=r3medical
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7c31ac282e8c6916-FRA
Expires: Sat, 06 May 2023 14:46:59 GMT

GET
H2 200 W4bjJ_brbiieFnFjf12Kz9vCi5IGuU7jYac5Qkco-DoHI5Jnw9u3bn9IXHtAIKHKnKqnhpI29aYjYbAk8MpGAg=w16
lh3.googleusercontent.com/ 447 B
509 B 531ms
419ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/W4bjJ_brbiieFnFjf12Kz9vCi5IGuU7jYac5Qkco-DoHI5Jnw9u3bn9IXHtAIKHKnKqnhpI29aYjYbAk8MpGAg=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d6873cc839fb4dda31b3e7b375ec8a28eb75a5b968f64ec5bf84fea1d9af71fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 447
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 PN_bgS652msA1Uaj3J5XC6gB-Yn9mHhqUGQ86S1EnFbCrSXR7_yZaq0C2fCj1hpgtudz49VlTAbgupOVnlMEUg=s0
lh3.googleusercontent.com/ 36 KB
36 KB 616ms
504ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PN_bgS652msA1Uaj3J5XC6gB-Yn9mHhqUGQ86S1EnFbCrSXR7_yZaq0C2fCj1hpgtudz49VlTAbgupOVnlMEUg=s0

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c1a3c64eb029a30f8670cd26a9fd937b889adc4d9ee912a975e4da51fc16c820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37137
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 zz8qWnPtHEeOTs7Bb8v5EEoHtZEbnoSoYf6LeaGIqELsCZKePfIIkWsjAxR91FsWZC1ZV605E8SSJkI8cO4dzA=w16
lh3.googleusercontent.com/ 431 B
502 B 734ms
622ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zz8qWnPtHEeOTs7Bb8v5EEoHtZEbnoSoYf6LeaGIqELsCZKePfIIkWsjAxR91FsWZC1ZV605E8SSJkI8cO4dzA=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c07c3025f0343324249ce781848a7d744fbe9558aa74571e557759829bdbfd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 431
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 MHqdQEZ2SudLkRqUhYYuXIpsonzafTS0Mlhn4vKvqBKbq1ps8jAAECPYzzppQH2s1KC8O0vZAB514AV8uMsR7g=s0
lh3.googleusercontent.com/ 45 KB
45 KB 581ms
470ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MHqdQEZ2SudLkRqUhYYuXIpsonzafTS0Mlhn4vKvqBKbq1ps8jAAECPYzzppQH2s1KC8O0vZAB514AV8uMsR7g=s0

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9759ad43d470ff696d20351cccf4a11e9509b1c3f4e66cf94e661e802eaf0f6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46276
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 yd5dnUVmMlb5wIgkIaCXA_ybpz3Ob7L2DEgQ2h9yhSNW8BitcVDOH3THdvFgI8ozIGEg4ADzyF77MKLEFVuP=s0
lh3.googleusercontent.com/ 11 KB
11 KB 596ms
484ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/yd5dnUVmMlb5wIgkIaCXA_ybpz3Ob7L2DEgQ2h9yhSNW8BitcVDOH3THdvFgI8ozIGEg4ADzyF77MKLEFVuP=s0

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bde69240dc12023f02e6ce8fc871b4f3415a376b1ee85295e33fccdcde8d1568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11682
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 bqaIm-Hdr2-xWRQJquR9dURWjZvYRuVsp93gZbw-ZtU0JTgQ8mNKfpJ0bbRZT8GssXgKPZhf5AJC475Kr4j3tHM=s0
lh3.googleusercontent.com/ 26 KB
26 KB 606ms
494ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bqaIm-Hdr2-xWRQJquR9dURWjZvYRuVsp93gZbw-ZtU0JTgQ8mNKfpJ0bbRZT8GssXgKPZhf5AJC475Kr4j3tHM=s0

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6b041462efaabe266e979e31c911317c2cf6c83e95150d721dbe9b5ba1fd9cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26365
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 QmE6r4urJJvirw8IwH7QhLpYAuJuo2-v41iKqlU8ztQ5n4czG5KVTcZQUcRDN_gkjzScGEC_yrH_hvsHJVtz=w16
lh3.googleusercontent.com/ 3 KB
4 KB 398ms
398ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QmE6r4urJJvirw8IwH7QhLpYAuJuo2-v41iKqlU8ztQ5n4czG5KVTcZQUcRDN_gkjzScGEC_yrH_hvsHJVtz=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2639a9ab4fde159616069cfb6384ab93589e2c5e8e89e334ecc86bbcea043dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3560
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 e6IeaKlHx9WvSnixBZmfNqOgz1Y9MTVapgniiaVXrpn2dypViZOXV8C-bPG8BX0w_EBsRdfUwP9phkLlrfA1JOs=w16
lh3.googleusercontent.com/ 2 KB
2 KB 391ms
390ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/e6IeaKlHx9WvSnixBZmfNqOgz1Y9MTVapgniiaVXrpn2dypViZOXV8C-bPG8BX0w_EBsRdfUwP9phkLlrfA1JOs=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

777a54d11b08aeb4dfb4f560343320a6700c77d33f6c25c866a9329b2ee22c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1643
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 gsD5Nrxasly9U_3cTfHaS1v0lak_ribffXslgf5nI3FZyEiypv11Qn6mAxUM_uKphZ4t5AD9BfjJA8vNSuNYSg=w16
lh3.googleusercontent.com/ 1 KB
1 KB 378ms
378ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/gsD5Nrxasly9U_3cTfHaS1v0lak_ribffXslgf5nI3FZyEiypv11Qn6mAxUM_uKphZ4t5AD9BfjJA8vNSuNYSg=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5bbabbac4ae5e98f19304ca96aa782fdd589d829b0b4ec45787a060aade409bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1054
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 147ms
40ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:54 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 5
etag: "S86klQ"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: c1f2c2075bd3a17f5a04b64956a4c068;o=1
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
expires: Sat, 06 May 2023 13:51:54 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
5 KB 168ms
54ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:44:42 GMT
content-encoding: gzip
server: Google Frontend
age: 137
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: 4f60865134d2025b80051f30d8634099
cache-control: public, max-age=300
content-length: 5417
expires: Sat, 06 May 2023 13:49:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 138ms
45ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 13:46:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sXW1ij58fnn7npDsdRWz2vgNuhHERjr7ngbXTipWUcxgRUspdAve8S0Ebm0sulX5DLtbpGhYBAPgNYYPfE49dQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 app.js Show response
i.tryinteract.com/embed/ 4 KB
2 KB 180ms
39ms Script
application/javascript 2600:9000:214f:a800:5:8f6d:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.tryinteract.com/embed/app.js
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a800:5:8f6d:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e00391966f2cbbe56cae45b8712573dcbc38edac69779dbe7bd441c58ce86e04

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 00:50:23 GMT
content-encoding: gzip
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified: Wed, 02 Sep 2020 17:41:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 46618
etag: W/"aaf44ec5cce62c05cfed9d3fa2aa4b8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _ADWNdiFJ_Gof-LTX21s2uz0QjP_D1Xyh8qXl6QkmiDM-9ijg8tC5Q==

GET
H2 200 MX6XzlXVeCHVHtwGZoADye3lxzgNAqQRtRY47Q8HeY_bcWSZO2uV_bb3u3CPe8QzCTTGPiFvKZLDOMRma2t-=w16
lh3.googleusercontent.com/ 338 B
633 B 393ms
309ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MX6XzlXVeCHVHtwGZoADye3lxzgNAqQRtRY47Q8HeY_bcWSZO2uV_bb3u3CPe8QzCTTGPiFvKZLDOMRma2t-=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f4812e0a85d374d58ec52c764301018e241cb5a1ea55bc905058a75de6cfd99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 k533r5gFo8LSZLUD0sfdidXoR8_aa_xOplJwfBZ7Z5A95Vtk520wh7Hc4cZ3nRoGMrJQ_kF5lO_3E0L7kY-y2Q=w16
lh3.googleusercontent.com/ 4 KB
4 KB 446ms
362ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/k533r5gFo8LSZLUD0sfdidXoR8_aa_xOplJwfBZ7Z5A95Vtk520wh7Hc4cZ3nRoGMrJQ_kF5lO_3E0L7kY-y2Q=w16

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9a6162885fefb55137f03d52ca93c86bf8e66f5924c2818dfe2c7412bbf07e4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4382
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 132ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre%20Franklin:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://r3medical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 26655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:22:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 187ms
96ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre%20Franklin:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://r3medical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 27404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:15 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 142ms
51ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Libre%20Franklin:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://r3medical.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 05:31:07 GMT
x-content-type-options: nosniff
age: 116152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 05:31:07 GMT

GET
H2

200

/ Show response
usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/ Frame 6330
Redirect Chain

http://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/
https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/

78 KB
16 KB

1802ms
1505ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/

Requested by

Host: static.leadpages.net
URL: https://static.leadpages.net/leadbars/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

1acb1421a71d2b2aaa062921ea865f744d43a2bcf5611efb94019e7cd5b961f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://r3medical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 06 May 2023 13:46:59 GMT
etag: W/"74f379ed53cbf3f5df71f3fcb1fddd5d"
last-modified: Wed, 25 Mar 2020 18:15:06 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 06 May 2023 13:46:59 GMT
Location: https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/
Server: Leadpages
Strict-Transport-Security: max-age=15768000

GET
H2 200 MX6XzlXVeCHVHtwGZoADye3lxzgNAqQRtRY47Q8HeY_bcWSZO2uV_bb3u3CPe8QzCTTGPiFvKZLDOMRma2t-=w1600
lh3.googleusercontent.com/ 41 KB
42 KB 328ms
327ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MX6XzlXVeCHVHtwGZoADye3lxzgNAqQRtRY47Q8HeY_bcWSZO2uV_bb3u3CPe8QzCTTGPiFvKZLDOMRma2t-=w1600

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

67288afcf981770d51982d98f10d348eda0ab322a9ccded7ecae179a856d8a72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42423
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2 200 k533r5gFo8LSZLUD0sfdidXoR8_aa_xOplJwfBZ7Z5A95Vtk520wh7Hc4cZ3nRoGMrJQ_kF5lO_3E0L7kY-y2Q=h1723-c
lh3.googleusercontent.com/ 54 KB
54 KB 570ms
569ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/k533r5gFo8LSZLUD0sfdidXoR8_aa_xOplJwfBZ7Z5A95Vtk520wh7Hc4cZ3nRoGMrJQ_kF5lO_3E0L7kY-y2Q=h1723-c

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37946d70374d3f75959f4b901284500bf45e59f46f9ca0195778ed343e0b348d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55631
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H2

200

/ Show response
usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/ Frame 40DE
Redirect Chain

http://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/
https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/

144 KB
31 KB

1240ms
1016ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

06ee26d04ec3b275c6b251a075dcc179d1f6118423b213ec6e34518b5abcc820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: http://r3medical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Sat, 06 May 2023 13:46:59 GMT
etag: W/"fd5f76b48d73a3a71211c51a2672f144"
last-modified: Wed, 17 Mar 2021 02:15:04 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 06 May 2023 13:46:59 GMT
Location: https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/
Server: Leadpages
Strict-Transport-Security: max-age=15768000

GET
H2 200 identify.html Show response
js.center.io/ Frame AD3D 4 KB
2 KB 48ms
48ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: http://r3medical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 183
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sat, 06 May 2023 13:43:56 GMT
etag: "OMWYXg"
expires: Sat, 06 May 2023 13:48:56 GMT
server: Google Frontend
x-cloud-trace-context: b0aefdab93628de7f255b73ccbb3942d

GET
H2 200 155124024899691 Show response
connect.facebook.net/signals/config/ 75 KB
21 KB 168ms
167ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/155124024899691?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

37078acba6beb2b7a4063bea242638d1c9722f56125382d74dcf094f0cadb604

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 13:46:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sxsm8b0D8cSebnGqdnjZ6U8UdJl1Z4fJ0ogxYwc/0Kx7NIMFjQXCvs/Fu4V83HQEis4dn7CfiOVH32SFDtVpCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
659 B 457ms
155ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=p399K5L6noGUbZFS4cY32Z&v=&e=&st=wordpress&lc=en-US&pid=F3FaJ5Vb6B4k5RZ6QWEWBW&uid=eK9KPjXqEbcAiTRRX46cpL&sid=86hfZ7pR3cxoZnHdExQT2c&cid=lp-p399K5L6noGUbZFS4cY32Z&uri=http%3A%2F%2Fr3medical.com%2F&rf=&rx=1600&ry=1200&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:46:59 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote1nvp8fjfpqgh970

GET
H/1.1 200
OK / Show response
quiz.tryinteract.com/ Frame 3366 2 KB
1 KB 176ms
39ms Document
text/html 143.204.89.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.tryinteract.com/
Requested by: Host: i.tryinteract.com
URL: https://i.tryinteract.com/embed/app.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c08797fd3b3858ead19359a3a33bcb9fb0eccd69b48e63ce028f6690c9763c48

Request headers

Referer: http://r3medical.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 44772
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 06 May 2023 01:21:04 GMT
ETag: W/"0e0c54955764d3298950bb354ef3ca65"
Last-Modified: Mon, 27 Mar 2023 19:43:41 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
X-Amz-Cf-Id: k8ETWFjuD2IjRZoK9R5AyTShycvkqxw_zC8WRmhcHuQaWc4F0KGO6w==
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 40ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 06 May 2023 13:46:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sLcM7BszSbhCrw7Fy6cDZRj9wiaTk/K9b8V1C/BWQKet9YAhvmkAXEtIuRRbhpDWCqNbukWxNQxBqI4c/37KqA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 159ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=155124024899691&ev=PageView&dl=http%3A%2F%2Fr3medical.com%2F&rl=&if=false&ts=1683380819608&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=28&fbp=fb.1.1683380819607.88747908&it=1683380819365&coo=false&rqm=GET

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 06 May 2023 13:46:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 jvi8xzm.js Show response
use.typekit.net/ Frame 3366 19 KB
7 KB 201ms
40ms Script
text/javascript 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/jvi8xzm.js

Requested by

Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2189f4a807340d973a564443e38bd99167dc2a54b66c732b2aeaf53b7bf79f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 06 May 2023 13:46:59 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7000

GET
H2 200 polyfill.js Show response
cdn.polyfill.io/v2/ Frame 3366 573 B
915 B 153ms
46ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.js?features=es5,es6

Requested by

Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f919c9fc0e1327e76930d1246bb9cdc2fe26504f5d4758e3383693e2143d27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 06 May 2023 13:46:59 GMT
age: 97004
detected-user-agent: Chrome/113.0.0
useragent_normaliser: chrome/113.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 353
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/113.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK styles.css
quiz.tryinteract.com/ Frame 3366 52 KB
9 KB 44ms
43ms Stylesheet
text/css 143.204.89.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.tryinteract.com/styles.css?a29fbc28b35156f449c4
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a59f77bc0f1abe8a71e3e96f0fb04e3aadca1f36a57cd66b65e5dbc761792de9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 00:59:06 GMT
Content-Encoding: gzip
Via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
Last-Modified: Mon, 27 Mar 2023 19:43:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 46073
x-amz-server-side-encryption: AES256
ETag: W/"c04e5919856eae3410521b8227f27c25"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 0Hdh1W73Oj1QEAhhpbpcBBjW-AptVn6cDYmI1Mt221yiplNywCvSTA==

GET
H/1.1 200
OK vendor.js Show response
quiz.tryinteract.com/ Frame 3366 228 KB
65 KB 91ms
46ms Script
text/javascript 143.204.89.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.tryinteract.com/vendor.js?a29fbc28b35156f449c4
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8f3787d20646494c464455edc2e3b1719932c1066786532f99132d09b06eb83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 06:34:23 GMT
Content-Encoding: gzip
Via: 1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
Last-Modified: Mon, 27 Mar 2023 19:43:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 25957
x-amz-server-side-encryption: AES256
ETag: W/"a4253b5dd63158a9cd731c1d36324ede"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: lDarhdJZYf3FNavizWDcjm4XGN46wjO9iDjUZYvx2Z1dAeg2BIvj0Q==

GET
H/1.1 200
OK main.js Show response
quiz.tryinteract.com/ Frame 3366 371 KB
97 KB 126ms
46ms Script
text/javascript 143.204.89.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quiz.tryinteract.com/main.js?a29fbc28b35156f449c4
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ea6a5cff34fc26fa257cbf83855a8f594be59ff7de6d4fd581ef1ca3b534ce7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 05:05:18 GMT
Content-Encoding: gzip
Via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
Last-Modified: Mon, 27 Mar 2023 19:43:41 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 31302
x-amz-server-side-encryption: AES256
ETag: W/"c3a0cd30afd50312fe3237fdc19ed0be"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: NBfO7ypLefMrmxOjethy4RM79Oc-f0PMxAscWG3Ihg1Gk78EEvsw3Q==

GET
H2 200 W4bjJ_brbiieFnFjf12Kz9vCi5IGuU7jYac5Qkco-DoHI5Jnw9u3bn9IXHtAIKHKnKqnhpI29aYjYbAk8MpGAg=w187
lh3.googleusercontent.com/ 11 KB
11 KB 186ms
185ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/W4bjJ_brbiieFnFjf12Kz9vCi5IGuU7jYac5Qkco-DoHI5Jnw9u3bn9IXHtAIKHKnKqnhpI29aYjYbAk8MpGAg=w187

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7f040737b2585dd5c1de684ccc5579040b1ba6155bbc1acbd07927234784862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10891
x-xss-protection: 0
expires: Sun, 07 May 2023 13:46:59 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
434 B 1492ms
148ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=TBk5JhMhZuPFVCLZdhRWuE&kind=timer,counter,text,text,timer,text,timer&label=bar_embed_script_load,bar_embed_delayed_trigger_queue,bar_embed_embedded,bar_embed_embedded,bar_embed_show,bar_embed_shown,bar_embed_delayed_trigger_show&value=201.10000038146973,1,ZTCix9M7uxc8nN5mPfFMQR,ZTCix9M7uxc8nN5mPfFMQR,12.299999237060547,ZTCix9M7uxc8nN5mPfFMQR,12.69999885559082&tags=,,,,,,
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadbars/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:01 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00oti29ol1n68lc7qrk0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
434 B 1496ms
150ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=ztBbaBQgenFbpaJE48xnhr&kind=text,text,text,timer&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load&value=jkY6NL464mpPuW9RHb2NP4,jkY6NL464mpPuW9RHb2NP4,jkY6NL464mpPuW9RHb2NP4,200.5
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:01 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00otc4rvs3ai919sshqg

GET
H2 200 init.js Show response
i.tryinteract.com/a/ Frame 3366 324 KB
71 KB 138ms
137ms Script
application/javascript 2600:9000:214f:a800:5:8f6d:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.tryinteract.com/a/init.js
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a800:5:8f6d:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53c56b90a9832f1b662e80a86b9cc52cedbfcbee847473228afaf50babeae7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 03:28:41 GMT
content-encoding: gzip
via: 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified: Wed, 29 Mar 2023 02:58:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 37099
x-amz-server-side-encryption: AES256
etag: W/"5949c2d9d879d4ca303678496e9414b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 47bODWsoRtsiUtA39J1gq81DixHocLQ0LiDrxioqpK3JKFlJTNbrEg==

GET
H/1.1 200
OK 5e86bb7c3c6654001413751b Show response
quiz.api.tryinteract.io/quiz/ Frame 3366 10 KB
4 KB 438ms
126ms Fetch
application/json 75.101.184.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://quiz.api.tryinteract.io/quiz/5e86bb7c3c6654001413751b

Requested by

Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/main.js?a29fbc28b35156f449c4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

75.101.184.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-75-101-184-39.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

34fd46b8ca43fc18419fa46aba0d0e7122feab07a7f2c69f602a44c6f67261a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Date: Sat, 06 May 2023 13:47:00 GMT
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Via: 1.1 vegur
Cross-Origin-Embedder-Policy: require-corp
X-Dns-Prefetch-Control: off
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: same-origin
Connection: keep-alive
X-Xss-Protection: 0
Referrer-Policy: no-referrer
Server: Cowboy
Cross-Origin-Opener-Policy: same-origin
Etag: W/"2744-BTGDhnfq5Xwghol31C6WgrNd1dw"
Expect-Ct: max-age=0
X-Frame-Options: SAMEORIGIN
Vary: Origin, Accept-Encoding
X-Download-Options: noopen
Access-Control-Allow-Origin: https://quiz.tryinteract.com
Origin-Agent-Cluster: ?1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true

GET
H2 200 l
use.typekit.net/af/1be3c2/00000000000000007735e606/30/ Frame 3366 16 KB
16 KB 223ms
40ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1be3c2/00000000000000007735e606/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n3&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "f72012c08a11a2b44b8e4fe91c5042bc39decdd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16488

GET
H3 200 zz8qWnPtHEeOTs7Bb8v5EEoHtZEbnoSoYf6LeaGIqELsCZKePfIIkWsjAxR91FsWZC1ZV605E8SSJkI8cO4dzA=w187
lh3.googleusercontent.com/ 9 KB
9 KB 401ms
401ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zz8qWnPtHEeOTs7Bb8v5EEoHtZEbnoSoYf6LeaGIqELsCZKePfIIkWsjAxR91FsWZC1ZV605E8SSJkI8cO4dzA=w187

Requested by

Host: r3medical.com
URL: http://r3medical.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce29020b52565256ea93e5854e986fab9843ea722279f143e932de8a89b25f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9027
x-xss-protection: 0
expires: Sun, 07 May 2023 13:47:00 GMT

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ Frame 3366 16 KB
17 KB 242ms
83ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 l
use.typekit.net/af/4de20a/00000000000000007735e604/30/ Frame 3366 17 KB
17 KB 244ms
85ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i7&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5aa4d710eb97e7dc65d20f8a3b814646481b69ad60a513bfd95fa8bdcdc71eb6

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "15e9c2a298cf592dcd5ccf5d7e8a9f660e7dd432"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17284

GET
H2 200 l
use.typekit.net/af/154cda/00000000000000007735e601/30/ Frame 3366 15 KB
16 KB 212ms
53ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/154cda/00000000000000007735e601/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n1&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 44d7a5c49f4c4b498fdc4132ebd37abc1a990440f6d11f6003a022dee8659428

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "06335f51db1a9ca0d513d9d05d23c44aa353a69b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15752

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ Frame 3366 16 KB
17 KB 212ms
53ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n6&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "e054ee68ef06f627cc7e34fb951cfa3a80cc5aa0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16744

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ Frame 3366 16 KB
16 KB 280ms
121ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16560

GET
H2 200 l
use.typekit.net/af/40d372/00000000000000007735e607/30/ Frame 3366 17 KB
17 KB 239ms
81ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/40d372/00000000000000007735e607/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i3&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "916ef3d33f48ba3f0537bae74184b159347fff5f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16988

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ Frame 3366 16 KB
17 KB 203ms
44ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n5&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "464e80c81dc664a05b42585c76719dbf06e6c621"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16720

GET
H2 200 l
use.typekit.net/af/00e630/00000000000000007735ae09/30/ Frame 3366 17 KB
18 KB 241ms
83ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/00e630/00000000000000007735ae09/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b342ec14042fdb7441fc5afa6f42c96fd6d2794e6194c20e3d4c3109fe9f3b2

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "ce4ace7164acf28914797daa31ddc3b4e63c0681"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17804

GET
H2 200 l
use.typekit.net/af/6b1db4/00000000000000007735ae11/30/ Frame 3366 18 KB
18 KB 283ms
125ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6b1db4/00000000000000007735ae11/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2efc62f0c79d906d66ee904d12492aa6d9cf525d996d521c6f2c9cc3fccd6927

Request headers

Referer: https://quiz.tryinteract.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
server: nginx
etag: "bdbe811afd291e6019e261b8ae52488cfdabbf40"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18080

GET
H2 200 invitation.ashx Show response
sellwithchat.com//scripts/ 913 KB
242 KB 322ms
321ms Script
text/javascript 2606:4700:20::681a:8c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sellwithchat.com//scripts/invitation.ashx?company=r3medical&mobile=false
Requested by: Host: sellwithchat.com
URL: http://sellwithchat.com/scripts/invitation.ashx?company=r3medical
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 529fb9c78cb58db3f15e100cce3ce05a36cd96f0b24aabdfc5628059a075840d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml",CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
x-ua-compatible: IE=edge
request-context: appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzJtc8QrjIdNvqsD%2Fik4%2FHYUZR75nbnRd%2BSMfvZFsBFmzHMFnLzdHeMPgBDRbhxqdTeCTWNQ4fm%2BLojmRaPnIHV1pE%2BDgRgmIaxBhBu12cpty0ldME8zcvdzndmxhMiBooRSXLXlkRALV85iMJE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Request-Context
cache-control: public, max-age=300,no-transform
cf-ray: 7c31ac2d5d6d37fe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

GET
H2 200 p.gif
p.typekit.net/ Frame 3366 35 B
214 B 186ms
41ms Image
image/gif 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=jvi8xzm&ht=tk&h=quiz.tryinteract.com&f=139.140.171.173.175.5474.5475.25136.34282.34288&a=1154284&js=1.21.0&app=typekit&e=js&_=1683380820260
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:00 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 t Show response
a2.tryinteract.io/ Frame 3366 15 B
228 B 410ms
145ms XHR
application/json 52.22.208.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a2.tryinteract.io/t
Requested by: Host: i.tryinteract.com
URL: https://i.tryinteract.com/a/init.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.208.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-208-219.compute-1.amazonaws.com
Software: / Express
Resource Hash: 0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1

Request headers

Referer: https://quiz.tryinteract.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sat, 06 May 2023 13:47:00 GMT
etag: W/"f-j9kuRnE0Hnnwo1KaxenVnTjbnng"
x-powered-by: Express
content-length: 15
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-type: application/json; charset=utf-8

GET
H2 200 css
fonts.googleapis.com/ Frame 3366 8 KB
841 B 54ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: quiz.tryinteract.com
URL: https://quiz.tryinteract.com/main.js?a29fbc28b35156f449c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 May 2023 13:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 May 2023 12:53:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 May 2023 13:47:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 3366 47 KB
47 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 28892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 3366 47 KB
47 KB 65ms
64ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 28892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ Frame 3366 47 KB
47 KB 80ms
80ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://quiz.tryinteract.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 28892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 05:45:28 GMT

GET
H/1.1 200
OK _f79025a0-7564-11ea-af55-73676e63cbab_1585888726088.jpg
s3-us-west-1.amazonaws.com/tryinteract-uploads/5e86bb7c3c6654001413751b/ Frame 3366 37 KB
37 KB 640ms
220ms Image
image/jpeg 52.219.220.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/tryinteract-uploads/5e86bb7c3c6654001413751b/_f79025a0-7564-11ea-af55-73676e63cbab_1585888726088.jpg
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.220.56 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 517c61a421f92b9a6920d7436561e93c89f0606af376bfe20c0da78990710609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:02 GMT
Last-Modified: Fri, 03 Apr 2020 04:38:47 GMT
Server: AmazonS3
x-amz-request-id: XJT0NEJFFYWK6SCY
ETag: "2a95cc1e2690048353217e69cf9c4ff2-1"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 38031
x-amz-id-2: tHJ3WH3kdUHdz2jsKoe698rHU1kth5qC70Qrc3L8o5dSreMXSPPm1wwuPcShxi/IQJnlTult3v4=

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/5.14.0/css/ Frame 40DE 58 KB
14 KB 43ms
42ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/5.14.0/css/all.min.css
Requested by: Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Wed, 03 May 2023 00:01:05 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 308755
etag: "BTybeQ"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 0818dbc07bad12054208afc3e76df105
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
expires: Thu, 02 May 2024 00:01:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 40DE 8 KB
750 B 55ms
55ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 May 2023 13:47:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 May 2023 11:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 May 2023 13:47:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 237ms
41ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: sellwithchat.com
URL: https://sellwithchat.com//scripts/invitation.ashx?company=r3medical&mobile=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Fri, 05 May 2023 13:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 May 2024 13:19:34 GMT

GET
H2

200

pinghandler.ashx Show response
sellwithchat.com/handlers/slim/
Redirect Chain

http://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&pro...
https://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&pr...

48 B
485 B

231ms
231ms

Script
text/javascript

2606:4700:20::681a:8c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&profileId=179152&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer=
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: H2
Server: 2606:4700:20::681a:8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1d96035ad38082875cd4da98d8c4907b86eeb3c746aa2c6b8f18643241e70e57

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 164
x-ua-compatible: IE=edge
request-context: appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1tNEwn0pKh%2Fu%2BJdezcca8EOeRRu11%2BeQF%2B0AYS3CX9v%2BeoDaXthNo0tY7KC4Fbqt9PDzJpExIAt4Gb96K22%2Fmhx2Ow3OcbY%2BEPuyUozBSea%2BaDXaOX5MqvcKkvlev6%2BvcTUxhwPxdH1cBJxJOWE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Request-Context
cache-control: private,no-transform
cf-ray: 7c31ac331d7437fe-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

Redirect headers

Date: Sat, 06 May 2023 13:47:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIMYFDis%2BEf2EKy3H%2ByN4U2zStUnyXDMB5JA1HclCV2IvQB4Jh2nflCdLCJFM%2BDZkZ%2BNJ83r2yYugbdJvIJqUmpVm0%2FGZ3f4%2BIguQakutPuekQOj7tuidhmy1XeL21sHGePtiK3whubaQcLXvoo%3D"}],"group":"cf-nel","max_age":604800}
Location: https://sellwithchat.com/handlers/slim/pinghandler.ashx?company=r3medical&ecid=pZ5YHTWdixz7d62/+pmr1299VnPXNDzfeYhswFdgI1qOtFRWmPxO/TY=&visitorId=undefined&agentAliasId=7979&operatorId=undefined&profileId=179152&gclid=&gs=&gm=&gc=&chatId=null&invitationVersion=2&chatMode=2&originalReferrer=
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 7c31ac32aa2f6916-FRA
Expires: Sat, 06 May 2023 14:47:00 GMT

GET
H2 200 center.js Show response
js.center.io/ Frame 40DE 12 KB
5 KB 53ms
53ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbox/jkY6NL464mpPuW9RHb2NP4/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:56 GMT
content-encoding: gzip
server: Google Frontend
age: 4
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: a7fa96230c095b1731571455d06fc2cd
cache-control: public, max-age=300
content-length: 5417
expires: Sat, 06 May 2023 13:51:56 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 29B5 4 KB
2 KB 52ms
47ms Document
text/html 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://usleadnetwork.lpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 259
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Sat, 06 May 2023 13:42:42 GMT
etag: "OMWYXg"
expires: Sat, 06 May 2023 13:47:42 GMT
server: Google Frontend
x-cloud-trace-context: b514e1c803a96be453d1e2339c6312aa

GET
H2 200 pinghandler.ashx Show response
sellwithchat.com/handlers/slim/ 24 B
915 B 641ms
557ms XHR
text/javascript 2606:4700:20::681a:8c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sellwithchat.com/handlers/slim/pinghandler.ashx?logType=shown&visitorId=1345741349&company=r3medical
Requested by: Host: sellwithchat.com
URL: https://sellwithchat.com//scripts/invitation.ashx?company=r3medical&mobile=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 140
x-ua-compatible: IE=edge
request-context: appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8e98dTyFbRh8W64S7V4YeTxn6t7jchRNV43rGL1FRZlHEpRrTLdP21FP6U2YJw9GTya0ErWl5f%2BjsbD4Vwsjum94fVJGY8U%2FDDvpwAk3NnLTT%2FzO6BjCkLmJQfj9yJZ4TjNh%2B4YFs%2BW7l044pjQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Request-Context
cache-control: private,no-transform
cf-ray: 7c31ac354b7f363e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ Frame 6330 28 KB
7 KB 135ms
52ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css

Requested by

Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:47:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 8159820
cdn-cachedat: 2021-06-08 21:31:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5bb5196854d77b3b0bd1d55200ac7249
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7c31ac362d841952-FRA
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ Frame 6330 8 KB
750 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Requested by

Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 06 May 2023 13:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 06 May 2023 11:56:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 06 May 2023 13:47:01 GMT

GET
H/1.1 200
OK _f79025a0-7564-11ea-af55-73676e63cbab_1585888726088.jpg
s3-us-west-1.amazonaws.com/tryinteract-uploads/5e86bb7c3c6654001413751b/ Frame 3366 37 KB
37 KB 211ms
210ms Image
image/jpeg 52.219.220.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/tryinteract-uploads/5e86bb7c3c6654001413751b/_f79025a0-7564-11ea-af55-73676e63cbab_1585888726088.jpg
Requested by: Host: r3medical.com
URL: http://r3medical.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.220.56 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 517c61a421f92b9a6920d7436561e93c89f0606af376bfe20c0da78990710609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://quiz.tryinteract.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:02 GMT
Last-Modified: Fri, 03 Apr 2020 04:38:47 GMT
Server: AmazonS3
x-amz-request-id: XJTEYB126BXVMVQM
ETag: "2a95cc1e2690048353217e69cf9c4ff2-1"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 38031
x-amz-id-2: BTBUFJVvPYAS1aqN+Gb4i9A+HtfhfHf9pVjxVk/mJ2jubh7Gw/5dnqYZL+qESzyWdz5OxmTJ1DU=

GET
H2 200 center.js Show response
js.center.io/ Frame 6330 12 KB
5 KB 51ms
51ms Script
application/javascript 2001:4860:4802:34::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: usleadnetwork.lpages.co
URL: https://usleadnetwork.lpages.co/serve-leadbar/ZTCix9M7uxc8nN5mPfFMQR/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 13:46:24 GMT
content-encoding: gzip
server: Google Frontend
age: 37
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: ad2d01f172b9cbf8d9dcd540695e6dcf
cache-control: public, max-age=300
content-length: 5417
expires: Sat, 06 May 2023 13:51:24 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6330 15 KB
16 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usleadnetwork.lpages.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 26657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:22:44 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6330 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://usleadnetwork.lpages.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date: Sat, 06 May 2023 06:10:15 GMT
x-content-type-options: nosniff
age: 27406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 May 2024 06:10:15 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ Frame 6330 35 B
670 B 153ms
153ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadbar&l=ZTCix9M7uxc8nN5mPfFMQR&v=&e=&st=&lc=en-US&pid=F3FaJ5Vb6B4k5RZ6QWEWBW&uid=eK9KPjXqEbcAiTRRX46cpL&sid=ybEWR3x9B8XvYrW5mVDPgH&cid=lp-ZTCix9M7uxc8nN5mPfFMQR&uri=https%3A%2F%2Fusleadnetwork.lpages.co%2Fserve-leadbar%2FZTCix9M7uxc8nN5mPfFMQR%2F&rf=http%3A%2F%2Fr3medical.com%2F&rx=1600&ry=72&tz=%2B00%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:01 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://usleadnetwork.lpages.co
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote26iv9uh68p1cnd0

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
354 B 300ms
146ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=594,144,621,1360,144,1363,1580,1580,3956,3959
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:01 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 80.255.7.108
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote27pvap9505i9egg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
434 B 187ms
187ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=ztBbaBQgenFbpaJE48xnhr&kind=timer&label=lb_embed_leadbox_load&value=1901
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:01 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00otc507omnv3j9pob40

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
434 B 145ms
145ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.5&correlateBy=TBk5JhMhZuPFVCLZdhRWuE&kind=timer&label=bar_embed_load&value=2364.6000003814697&tags=
Requested by: Host: static.leadpages.net
URL: https://static.leadpages.net/leadbars/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:02 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00otc52sh07odc9o8ugg

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
434 B 145ms
145ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=S27dgvrcSrFrpoDjvw2Dzw&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=171.80000114440918,66.39999961853027,1,457.3999996185303
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:03 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: http://r3medical.com
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote2oft87m86kqov00

GET
H/1.1 200
OK mg__7979.png
agent-alias.s3.us-east-2.amazonaws.com/ Frame 77F3 44 KB
45 KB 433ms
145ms Image
image/png 52.219.80.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agent-alias.s3.us-east-2.amazonaws.com/mg__7979.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.80.168 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: f37ef65a03dcb0556f54642180660419a3c3c39941d2d6d2c465875ebab6c5ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://r3medical.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:05 GMT
Last-Modified: Mon, 11 Apr 2022 22:38:01 GMT
Server: AmazonS3
x-amz-request-id: 14MVQ90G2751NDGB
ETag: "19a24ed7419d4f3d02044de8be6d384e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 45387
x-amz-id-2: BMltZQuFwfU2716QiJSsXd4vhpDZPjaRZ77d7G38AiH9X7gkuTy/Ae0FJkwraS7NtSdWwPc1PV0=

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 40DE 35 B
445 B 146ms
146ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=St5NcppjFLj6aeEsJT6SAB&origin=center-js&kind=timer,timer,counter&label=load-center,load-identify,ident-exists&value=127.60000038146973,67.29999923706055,1
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:05 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://usleadnetwork.lpages.co
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote32d392qnr6jh2c0

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ Frame 6330 35 B
445 B 145ms
145ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=Vm5acrdwYJKwC2tF29h8E6&origin=center-js&kind=counter,timer,timer&label=ident-cache,load-center,send-events&value=1,55.20000076293945,154.39999961853027
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://usleadnetwork.lpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Date: Sat, 06 May 2023 13:47:05 GMT
Server: Stargate
Transfer-Encoding: chunked
access-control-max-age: 600
Content-Type: image/gif
access-control-allow-origin: https://usleadnetwork.lpages.co
X-Forwarded-For: 80.255.7.108
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 00ote3725n5dkkk3e8fg

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 11:37:47	Name: view.F3FaJ5Vb6B4k5RZ6QWEWBW.p399K5L6noGUbZFS4cY32Z Value: 1683380820000
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 11:37:47	Name: view.F3FaJ5Vb6B4k5RZ6QWEWBW.ZTCix9M7uxc8nN5mPfFMQR Value: 1683380822000
js.center.io/	1970-01-20 21:12:20	Name: centerVisitorId Value: eK9KPjXqEbcAiTRRX46cpL
.r3medical.com/	1970-01-20 13:45:56	Name: _fbp Value: fb.1.1683380819607.88747908
r3medical.com/	1969-12-31 23:59:59	Name: apexchat_dropdown_invitation Value: _max
r3medical.com/	1970-01-20 11:36:21	Name: livechat_v3_invitation_shown Value: true
r3medical.com/	1969-12-31 23:59:59	Name: livechat_is_page_refreshed Value: false
r3medical.com/	1969-12-31 23:59:59	Name: livechat_original_referrer Value:
r3medical.com/	1970-01-20 11:36:24	Name: livechat_agent_alias_id Value: 7979
r3medical.com/	1970-01-20 11:36:21	Name: livechat_operator_id Value: undefined
r3medical.com/	1970-01-20 11:37:47	Name: livechat_profile_id Value: 179152
r3medical.com/	1969-12-31 23:59:59	Name: apexchat_dompopup_chatwindow Value: _rendered
r3medical.com/	1970-01-20 11:36:42	Name: livechat_visitor_id Value: 1345741349
r3medical.com/	1970-01-20 11:36:42	Name: livechat_visitLogged Value: true
r3medical.com/	1970-01-20 15:58:25	Name: livechat_invitation_traffic_sources Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26campaignId%3D%26overwritetrafficsource%3Dtrue%26date%3D20230506
r3medical.com/	1969-12-31 23:59:59	Name: livechat_prechat_lastmessage Value: %7B%22index%22%3A0%2C%22duration%22%3A3000%7D
r3medical.com/	1969-12-31 23:59:59	Name: apexchat_prechat_invitation Value: _max

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.tryinteract.io
agent-alias.s3.us-east-2.amazonaws.com
ajax.googleapis.com
api.leadpages.io
cdn.polyfill.io
connect.facebook.net
embed.lpcontent.net
fonts.googleapis.com
fonts.gstatic.com
i.tryinteract.com
js.center.io
lh3.googleusercontent.com
maxcdn.bootstrapcdn.com
p.typekit.net
quiz.api.tryinteract.io
quiz.tryinteract.com
r3medical.com
s3-us-west-1.amazonaws.com
sellwithchat.com
static.leadpages.net
use.typekit.net
usleadnetwork.lpages.co
www.facebook.com
143.204.89.73
2001:4860:4802:34::15
2600:9000:214f:a800:5:8f6d:7940:93a1
2606:4700:20::681a:8c3
2606:4700:20::ac43:4879
2606:4700::6812:acf
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:830::200a
2a02:26f0:480:f::213:7ec6
2a02:26f0:480:f::213:7ed3
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::282
34.107.203.240
35.192.151.63
35.202.21.90
52.219.220.56
52.219.80.168
52.22.208.219
72.52.135.219
75.101.184.39
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
06ee26d04ec3b275c6b251a075dcc179d1f6118423b213ec6e34518b5abcc820
0ac75b515902d4a9c871724d8da779aaf77108660db9987a1fe1ab789ac95d4b
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1acb1421a71d2b2aaa062921ea865f744d43a2bcf5611efb94019e7cd5b961f7
1d96035ad38082875cd4da98d8c4907b86eeb3c746aa2c6b8f18643241e70e57
2189f4a807340d973a564443e38bd99167dc2a54b66c732b2aeaf53b7bf79f61
2639a9ab4fde159616069cfb6384ab93589e2c5e8e89e334ecc86bbcea043dd0
2c07c3025f0343324249ce781848a7d744fbe9558aa74571e557759829bdbfd3
2efc62f0c79d906d66ee904d12492aa6d9cf525d996d521c6f2c9cc3fccd6927
304cbf293fdb3c3b8b362cb747707db75b3d46144e1251a4f8a3eae2e9a88eef
34fd46b8ca43fc18419fa46aba0d0e7122feab07a7f2c69f602a44c6f67261a3
37078acba6beb2b7a4063bea242638d1c9722f56125382d74dcf094f0cadb604
37946d70374d3f75959f4b901284500bf45e59f46f9ca0195778ed343e0b348d
3ae29beea4704cd7ccc27bdf0182c991708bc8f0706eaf4fe3138c1710a1a54f
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232
44d7a5c49f4c4b498fdc4132ebd37abc1a990440f6d11f6003a022dee8659428
517c61a421f92b9a6920d7436561e93c89f0606af376bfe20c0da78990710609
529fb9c78cb58db3f15e100cce3ce05a36cd96f0b24aabdfc5628059a075840d
53c56b90a9832f1b662e80a86b9cc52cedbfcbee847473228afaf50babeae7a8
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
58dc2f9ecbfa85accf8b5b67e283ba5b32fafc4769e6244a271ebb80d8a2efcf
5aa4d710eb97e7dc65d20f8a3b814646481b69ad60a513bfd95fa8bdcdc71eb6
5bbabbac4ae5e98f19304ca96aa782fdd589d829b0b4ec45787a060aade409bf
5c9f600b175a870a39e534669ba425e642b0e3b79946273b04f36278fb14c89d
5cea5f5a79817996385a96e5a5337e95db241f0a33a9e46c26b24cde34ac1b9e
67288afcf981770d51982d98f10d348eda0ab322a9ccded7ecae179a856d8a72
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b041462efaabe266e979e31c911317c2cf6c83e95150d721dbe9b5ba1fd9cd8
777a54d11b08aeb4dfb4f560343320a6700c77d33f6c25c866a9329b2ee22c84
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7f040737b2585dd5c1de684ccc5579040b1ba6155bbc1acbd07927234784862c
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
9759ad43d470ff696d20351cccf4a11e9509b1c3f4e66cf94e661e802eaf0f6a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a6162885fefb55137f03d52ca93c86bf8e66f5924c2818dfe2c7412bbf07e4b
9b342ec14042fdb7441fc5afa6f42c96fd6d2794e6194c20e3d4c3109fe9f3b2
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9f919c9fc0e1327e76930d1246bb9cdc2fe26504f5d4758e3383693e2143d27d
a59f77bc0f1abe8a71e3e96f0fb04e3aadca1f36a57cd66b65e5dbc761792de9
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
bce29020b52565256ea93e5854e986fab9843ea722279f143e932de8a89b25f4
bde69240dc12023f02e6ce8fc871b4f3415a376b1ee85295e33fccdcde8d1568
c08797fd3b3858ead19359a3a33bcb9fb0eccd69b48e63ce028f6690c9763c48
c1a3c64eb029a30f8670cd26a9fd937b889adc4d9ee912a975e4da51fc16c820
c8f3787d20646494c464455edc2e3b1719932c1066786532f99132d09b06eb83
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d6873cc839fb4dda31b3e7b375ec8a28eb75a5b968f64ec5bf84fea1d9af71fb
dd7093d94f933ffea6730fe47d576cb15264297a64deb6df44c146b23f2ade29
e00391966f2cbbe56cae45b8712573dcbc38edac69779dbe7bd441c58ce86e04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84279b1548febfa2f875b02a56f7f1feafac4b0fac86a8ca2aac6917a02d6b5
ea6a5cff34fc26fa257cbf83855a8f594be59ff7de6d4fd581ef1ca3b534ce7f
f1096de525ecd4549a0dea1507686fd365db607cddc697686b0f7ce81a9bdbab
f37ef65a03dcb0556f54642180660419a3c3c39941d2d6d2c465875ebab6c5ec
f4812e0a85d374d58ec52c764301018e241cb5a1ea55bc905058a75de6cfd99a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

r3medical.com Open in urlscan Pro 72.52.135.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

96 %HTTPS

61 %IPv6

18 Domains

23 Subdomains

22 IPs

2 Countries

1536 kBTransfer

3673 kBSize

17 Cookies

1 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

r3medical.com Open in urlscan Pro
72.52.135.219 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

96 %
HTTPS

61 %
IPv6

18
Domains

23
Subdomains

22
IPs

2
Countries

1536 kB
Transfer

3673 kB
Size

17
Cookies

83 HTTP transactions
0 data transactions