Submitted URL: https://trk.cp20.com/click/g5yv-2g1nza-h1uouv-bvqijo62/
Effective URL: https://aftermd.com/
Submission: On September 15 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 24 HTTP transactions. The main IP is 52.54.158.118, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is aftermd.com.
TLS certificate: Issued by Amazon on August 23rd 2021. Valid for: a year.
This is the only time aftermd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
9 aftermd.com aftermd.com
6 media.primeinc.org aftermd.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com aftermd.com
www.googletagmanager.com
1 primeinc.org aftermd.com
1 cdnjs.cloudflare.com aftermd.com
1 fonts.googleapis.com aftermd.com
1 trk.cp20.com 1 redirects
0 www.googleadservices.com Failed www.googletagmanager.com
0 www.google-analytics.com Failed www.googletagmanager.com
24 10
Subject Issuer Validity Valid
primece.com
Amazon
2021-08-23 -
2022-09-21
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-23 -
2021-11-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.primeinc.org
Amazon
2021-06-05 -
2022-07-04
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://aftermd.com/
Frame ID: 2650627751810FAE1E3AABC510886684
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

Welcome | AfterMD.com | Patient Resources

Page URL History Show full URLs

  1. https://trk.cp20.com/click/g5yv-2g1nza-h1uouv-bvqijo62/ HTTP 302
    https://aftermd.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

92 %
HTTPS

75 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

1168 kB
Transfer

1527 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.cp20.com/click/g5yv-2g1nza-h1uouv-bvqijo62/ HTTP 302
    https://aftermd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
aftermd.com/
Redirect Chain
  • https://trk.cp20.com/click/g5yv-2g1nza-h1uouv-bvqijo62/
  • https://aftermd.com/
13 KB
4 KB
Document
General
Full URL
https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
fa95963fcfeca5db647d43f908f653dcb313bf7e9c283b930ab190e1391ce983
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
aftermd.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 15 Sep 2021 18:40:14 GMT
content-type
text/html; charset=UTF-8
content-length
3821
set-cookie
AWSALB=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/ AWSALBCORS=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/; SameSite=None; Secure PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; path=/; SameSite=Lax
server
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-ua-compatible
IE=Edge
vary
Accept-Encoding
content-encoding
gzip
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://aftermd.com
Server
TRK02
Refresh
0; URL=https://aftermd.com
Date
Wed, 15 Sep 2021 18:40:08 GMT
Content-Length
136
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alegreya:700,900|Alegreya+Sans:400,700,900
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:809::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cdf58506e4309c05c465a91f837c39118a2656d2f2608a1c2e6020d76ed362e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 18:40:19 GMT
server
ESF
date
Wed, 15 Sep 2021 18:40:19 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Sep 2021 18:40:19 GMT
style.css
aftermd.com/css/
165 KB
28 KB
Stylesheet
General
Full URL
https://aftermd.com/css/style.css
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
58849e7c8abafc715aa5b779fa373413bd7c212202cd617ac304885b6c7ea230
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/css/style.css
pragma
no-cache
cookie
AWSALB=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; AWSALBCORS=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"29378-5cb0356411700-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
set-cookie
AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/ AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
28475
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
599554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26909
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTMcBch0QfM4FtrLFXNYJXt5%2B4P02%2FC7MSmiyO2%2FdOpeLczloIq6ol2KZsIwey7RpDULMW3BGLB7eRfaWx%2Fvei2VfKDoDvYjJQC6pKku3FG5OJtxZJI8xjqkqifDJx74VtjctD2Vvu1QX8NSj4%2BmgfzS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68f3fb98ed824e3d-FRA
expires
Mon, 05 Sep 2022 18:40:19 GMT
bootstrap.min.js
aftermd.com/js/
31 KB
9 KB
Script
General
Full URL
https://aftermd.com/js/bootstrap.min.js
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
0b8aa1f51fa1837b39fc07c02ab679ad30ef56dc6a4eeb66f058a29aa41b888b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/js/bootstrap.min.js
pragma
no-cache
cookie
AWSALB=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; AWSALBCORS=2r89/N5GmzTdL4Vl+c59DdzjHo9XOqHz+KsKBEg/3Nl8a+j3Rz/umnW/ZXrXMICOJ1mdgYUKTH2oeiPRCIqiLgcUvjNi4Lm1f8i3CTR7h/9nES7u+YW0A8Ha0UT8; PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:14 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"7d0d-5cb0356411700-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
set-cookie
AWSALB=6sTETLU/PTZgGt5hZIH3hbX56KcM+Lo82fTLJjZdrgLo3RzNgvTSsOjZttU9KQ5aoLa3pQfLrmlM5PLLZcHByFiUIzUZSMBfM9YW3MTqkhM4AYJ0Kj2qj+52FxPV; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/ AWSALBCORS=6sTETLU/PTZgGt5hZIH3hbX56KcM+Lo82fTLJjZdrgLo3RzNgvTSsOjZttU9KQ5aoLa3pQfLrmlM5PLLZcHByFiUIzUZSMBfM9YW3MTqkhM4AYJ0Kj2qj+52FxPV; Expires=Wed, 22 Sep 2021 18:40:14 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
8592
aftermd-logo.png
aftermd.com/images/
35 KB
36 KB
Image
General
Full URL
https://aftermd.com/images/aftermd-logo.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
ce243edf72e1fcde66b520917ee53af64f6c74c38c90d090016fae49b9340ffb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/aftermd-logo.png
pragma
no-cache
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"8d2e-5cb0356411700"
x-frame-options
SAMEORIGIN
content-type
image/png
set-cookie
AWSALB=bhYYuPh0iit0Hnf0ZPf0JmIcZK8ll0c9pmnI0AT+Q0TifQAV7TzCcDOCxo5M+Bj7E9jf8sZj33N+p+wiEHcW56i50n1xImqrT7T6yVyVWFXgJnw7R8XSk7gXb/xZ; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=bhYYuPh0iit0Hnf0ZPf0JmIcZK8ll0c9pmnI0AT+Q0TifQAV7TzCcDOCxo5M+Bj7E9jf8sZj33N+p+wiEHcW56i50n1xImqrT7T6yVyVWFXgJnw7R8XSk7gXb/xZ; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
36142
passport.png
aftermd.com/images/
464 KB
465 KB
Image
General
Full URL
https://aftermd.com/images/passport.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
07c70ba8d47b922e3ef0444b3961c3778bbc02d6d491dbe244ea7671efd1b04f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/passport.png
pragma
no-cache
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"74175-5cb0356411700"
x-frame-options
SAMEORIGIN
content-type
image/png
set-cookie
AWSALB=MHQzhZ27UW41M82lMS5BN7IofT1iwmvJ7+lVMPOECLaxo2C5OPVT/hcVLzCLUL6ie9NDUr1ofdzcSwjX7AKSXDly4G2WL5L1a0RRz2GhahxnQJBp+3HnNmwucvVI; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=MHQzhZ27UW41M82lMS5BN7IofT1iwmvJ7+lVMPOECLaxo2C5OPVT/hcVLzCLUL6ie9NDUr1ofdzcSwjX7AKSXDly4G2WL5L1a0RRz2GhahxnQJBp+3HnNmwucvVI; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
475509
prime-tree.png
aftermd.com/images/
343 KB
344 KB
Image
General
Full URL
https://aftermd.com/images/prime-tree.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
a551f79b6b1c550d8e1e3b4d8ea68da055f67252f8c2906f795573fcfafe27ad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/prime-tree.png
pragma
no-cache
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"55cd9-5cb0356411700"
x-frame-options
SAMEORIGIN
content-type
image/png
set-cookie
AWSALB=0ugPRpZdLBGs6KGxC5GsSZJzq28sNobVb/d2kJq59crErNY4i1XmrhcgomfrZRcaCnq8oSRkzt5lJr3jFvHeCn8XdDOknAm+OhDCywMb9zqsBpM0mUywdjGjwmGw; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=0ugPRpZdLBGs6KGxC5GsSZJzq28sNobVb/d2kJq59crErNY4i1XmrhcgomfrZRcaCnq8oSRkzt5lJr3jFvHeCn8XdDOknAm+OhDCywMb9zqsBpM0mUywdjGjwmGw; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
351449
JA_Comm_Mark_White.png
media.primeinc.org/upload/
62 KB
63 KB
Image
General
Full URL
https://media.primeinc.org/upload/JA_Comm_Mark_White.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88e7dd8e684c862cb6199b7bfb21fb211368571c426074d6bea6d561710278d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
4jyw8Rdr3H0DMkJqVXvpMlQ.0sEx.F1Q
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"295058276e7e68abd6d452bc1446d0e9"
last-modified
Mon, 23 Aug 2021 17:05:46 GMT
server
AmazonS3
age
33401
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Wed, 15 Sep 2021 11:42:21 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
63865
x-amz-cf-id
67RdFywnEe9nSEVisyCa2TgIsCSzCjqqaF3zkNw2BEduZW_Lbav10g==
skrollr.min.js
aftermd.com/js/
12 KB
6 KB
Script
General
Full URL
https://aftermd.com/js/skrollr.min.js
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/js/skrollr.min.js
pragma
no-cache
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
aftermd.com
referer
https://aftermd.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"310f-5cb0356411700-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
set-cookie
AWSALB=YwQTpCCYl67PTFpfZjttq5xJwI64CARynhKP1SeoI6etH6KE4WqXBL8YJqaGwqIoTEZI5mzUtvotNOYQ43CY411F/ttZwKeFpOZMcMfvhpzTHs4Std13cyHkf7hs; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=YwQTpCCYl67PTFpfZjttq5xJwI64CARynhKP1SeoI6etH6KE4WqXBL8YJqaGwqIoTEZI5mzUtvotNOYQ43CY411F/ttZwKeFpOZMcMfvhpzTHs4Std13cyHkf7hs; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
5539
events.js
primeinc.org/inc/js/
12 KB
4 KB
Script
General
Full URL
https://primeinc.org/inc/js/events.js?2021-3
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a37daeab25170c8e288fde3b183ce593049fc128899f7a2dfa4c9e9a341c72
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Sep 2021 16:30:58 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"30df-5cbf71b3e9480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
68f3fbb97b8f5c6e-FRA
prime-cf-bot-score
71
prime-cf-bot-verified
false
js
www.googletagmanager.com/gtag/
101 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-252166-13
Requested by
Host: aftermd.com
URL: https://aftermd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cddbcf06a98a39864462c797a5bc83df8e5b9ddcf28be9dbae7d07f84c82dd86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41300
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Sep 2021 18:40:24 GMT
doctor-office-bg.jpg
aftermd.com/images/
37 KB
37 KB
Image
General
Full URL
https://aftermd.com/images/doctor-office-bg.jpg
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
45eaea2f7ccb22808c221f534d43e200207446cc618972aacb155b31e01ad9c4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:path
/images/doctor-office-bg.jpg
pragma
no-cache
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
aftermd.com
referer
https://aftermd.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"9377-5cb0356411700"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
set-cookie
AWSALB=nQ9KFuena/N1sXMQpo7quFtAzdxDDQOqMBMcoxZ2rry9B147qvtZLIQvkJVaycV6pq8hhSDRQ2k9o7d69tk2deSZ4Yy3qJ6uqA4nmUo8KgHXhqxYQS+AykX0OG3n; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=nQ9KFuena/N1sXMQpo7quFtAzdxDDQOqMBMcoxZ2rry9B147qvtZLIQvkJVaycV6pq8hhSDRQ2k9o7d69tk2deSZ4Yy3qJ6uqA4nmUo8KgHXhqxYQS+AykX0OG3n; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
37751
prime-education-cme-ce.png
media.primeinc.org/upload/
2 KB
2 KB
Image
General
Full URL
https://media.primeinc.org/upload/prime-education-cme-ce.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ae649252fc54ae46078a84727bd2bd1470ba741571c6a4d51d2dfb39068428

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
oR75Gtd.SoAxHsOv.LKvuqMyptD1fSC.
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"f052f9a35309233ffe5c1026a6800926"
last-modified
Fri, 16 Aug 2019 00:41:00 GMT
server
AmazonS3
age
76862
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
date
Tue, 14 Sep 2021 21:19:23 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2088
x-amz-cf-id
IPpw3I-toJBgz5vlFGW3MF-2Q1Rzp8ktHOqipcU_6XdALWldMJleUA==
edh-white-long.png
media.primeinc.org/upload/
6 KB
6 KB
Image
General
Full URL
https://media.primeinc.org/upload/edh-white-long.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13405a8702c3df2b6ced7d53058132f579c72c25fc7e2ad702e7bd96dab7ab24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
lFEzMt2.zFAotKipX9LJVpIuZny.fdpY
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"2fa1fe63eb4e7dc3ac7ee7804e02f501"
last-modified
Mon, 13 Jan 2020 21:44:27 GMT
server
AmazonS3
age
76862
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 14 Sep 2021 21:19:23 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
5651
x-amz-cf-id
YnX3RN2_7GfHCiDCRAoIHli8A0EL2yHrHNyNRCc5m6Ne3GLOMeqHeA==
icon-outline-white-li.png
media.primeinc.org/upload/
1 KB
1 KB
Image
General
Full URL
https://media.primeinc.org/upload/icon-outline-white-li.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b6af671eb7dc691353f85f9f55d7973d71e06d59967fa6faeee3cc779a56176

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Vkebj1PLe8pgTjld4tAS4nzlWwT8kFtp
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"cf427b285ff50448f94b5e096f402c67"
last-modified
Sat, 19 Oct 2019 00:37:45 GMT
server
AmazonS3
age
76862
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 14 Sep 2021 21:19:23 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1102
x-amz-cf-id
K6fDoMfT64jpAnIIqDUjilsW7CTVqE9dnD8psVzxbzSogVCmV7BT7Q==
icon-outline-white-tw.png
media.primeinc.org/upload/
1 KB
2 KB
Image
General
Full URL
https://media.primeinc.org/upload/icon-outline-white-tw.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd8e9e19fc5fcb5d647bbf3d916291c83f6d59f071c3383efa63c12a0ddab9ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
G4PkQi1yUyizvQb6qbfHQyrli6.8_n3K
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"48e2c76ac4984061fb065960ce243703"
last-modified
Sat, 19 Oct 2019 00:37:45 GMT
server
AmazonS3
age
76862
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 14 Sep 2021 21:19:23 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1492
x-amz-cf-id
NTZ0zE1nW5YA2Ruh1A2dFpT2TTOtgAXPeEGq20V3UQuPVM-ONtd8sg==
icon-outline-white-fb.png
media.primeinc.org/upload/
1 KB
1 KB
Image
General
Full URL
https://media.primeinc.org/upload/icon-outline-white-fb.png
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9600:5:a930:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd276104cfed1d5ed9734b386c19528ae353701b51afe7bdfc5a961b4a578790

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
hXjKhu1VinES5dcM1Zzzxrf_i_yrYZpE
via
1.1 355e7d579c41c1dcc2113e41403be663.cloudfront.net (CloudFront)
etag
"541bf5d98bb5600a01e42d80087afcf5"
last-modified
Sat, 19 Oct 2019 00:37:54 GMT
server
AmazonS3
age
76862
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
date
Tue, 14 Sep 2021 21:19:23 GMT
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1024
x-amz-cf-id
pbiPgor0s_fynJGjpe4GhQKXa4oLNQlFJqBpi9-vrl7XuC4c5ZrRiQ==
fontello.woff
aftermd.com/font/
6 KB
6 KB
Font
General
Full URL
https://aftermd.com/font/fontello.woff?63148524
Requested by
Host: aftermd.com
URL: https://aftermd.com/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.158.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-158-118.compute-1.amazonaws.com
Software
/
Resource Hash
9097b1a21a652edec7020a74b69629f9b62b736031544aa7c92dfed49c175c2a
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://aftermd.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=12rluc53aiqdtnpkscsbkj8a4b; AWSALB=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f; AWSALBCORS=Sej8VJnjIHV48WuXz2P2PI8rsKhqQWFd/UiL+TUWfpOUzspxM8H0m+AV5+fRszn35vVwiEUxKfi1Mn14e10u+RhyZZaRk9cJM/wz+4H336DBLnTdaYM4jUJw880f
:path
/font/fontello.woff?63148524
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
aftermd.com
referer
https://aftermd.com/css/style.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://aftermd.com/css/style.css
Origin
https://aftermd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:19 GMT
last-modified
Thu, 02 Sep 2021 13:41:16 GMT
server
etag
"1738-5cb0356411700"
x-frame-options
SAMEORIGIN
content-type
font/woff
set-cookie
AWSALB=Logq4bBmWNDdkHosxhMJbUwPk8LKk8c10DOHErAOM0K//KE4/MPoMK8Mh2KDSs7tEwIPmzGDGvC63kSn+l/5oSQ7Nc5ROjEPWxPtRkotfN8mRvL16VF6oNn8Xl1j; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/ AWSALBCORS=Logq4bBmWNDdkHosxhMJbUwPk8LKk8c10DOHErAOM0K//KE4/MPoMK8Mh2KDSs7tEwIPmzGDGvC63kSn+l/5oSQ7Nc5ROjEPWxPtRkotfN8mRvL16VF6oNn8Xl1j; Expires=Wed, 22 Sep 2021 18:40:19 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
5944
5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
fonts.gstatic.com/s/alegreyasans/v14/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreyasans/v14/5aUz9_-1phKLFgshYDvh6Vwt7VptvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:700,900|Alegreya+Sans:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b4a429dfd49246943a5c9b27c1ebba0a7757140e0ffa8ee2d1a0236dfc402c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aftermd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:18:07 GMT
x-content-type-options
nosniff
age
138137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21800
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:43:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:18:07 GMT
5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2iw.woff2
fonts.gstatic.com/s/alegreyasans/v14/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alegreyasans/v14/5aUu9_-1phKLFgshYDvh6Vwt5eFIqEp2iw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alegreya:700,900|Alegreya+Sans:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
294721ef4c082ea4a63c980fcdb0c11c1037f5d614dff1fdcbe0b949c91da3b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://aftermd.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 20:51:38 GMT
x-content-type-options
nosniff
age
251326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21912
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:50:58 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 20:51:38 GMT
analytics.js
www.google-analytics.com/
0
0

js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-701673719&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-252166-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51b7ef62ebad141cb846b5c853e9521c8672360948eac41f361bcc936943e305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aftermd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 18:40:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39234
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Sep 2021 18:40:24 GMT
conversion_async.js
www.googleadservices.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| skrollr boolean| zdConsent object| zdconsent undefined| programID object| events string| key function| getGaDimensions function| addEventLoggerEntry function| firePrimeEvent function| _gaEvent function| getCurrentPathAndQuery function| primeSetCookie function| primeGetCookie function| primeEraseCookie function| primeGetUrlVars function| primeGetUrlVar function| _gaDimension string| howRegistered object| eun function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga

8 Cookies

Domain/Path Name / Value
aftermd.com/ Name: PHPSESSID
Value: 12rluc53aiqdtnpkscsbkj8a4b
aftermd.com/ Name: AWSALB
Value: Logq4bBmWNDdkHosxhMJbUwPk8LKk8c10DOHErAOM0K//KE4/MPoMK8Mh2KDSs7tEwIPmzGDGvC63kSn+l/5oSQ7Nc5ROjEPWxPtRkotfN8mRvL16VF6oNn8Xl1j
aftermd.com/ Name: AWSALBCORS
Value: Logq4bBmWNDdkHosxhMJbUwPk8LKk8c10DOHErAOM0K//KE4/MPoMK8Mh2KDSs7tEwIPmzGDGvC63kSn+l/5oSQ7Nc5ROjEPWxPtRkotfN8mRvL16VF6oNn8Xl1j
primeinc.org/ Name: AWSALBCORS
Value: XxzeVQ/4m8BG4Wdlb/K0fMSAsymZ50kL2T2nlY9LqA9r+Cm6KUzG6Ou1HoC6g9BLX80iTciDENgLkKhuNJXfo5AMpBf0rllGvk71/c2IrJ+wOUaR9slMlPPlnUZo
.primeinc.org/ Name: cf_bot_score
Value: 71
.primeinc.org/ Name: cf_bot_verified
Value: false
.primeinc.org/ Name: __cf_bm
Value: 2fNK2lkLwJvEs5VfSbL_M0KRkFT5fCiMynk2tNZn27w-1631731224-0-AT07SN1JcFhV/QmQ+wqMv8qMaCUnWWOV2s54U8+uOBU/YvVegXAKUUdOSkoX0c0u1VaBbe95QPnYaoQHpqJNNEE=
.aftermd.com/ Name: _gcl_au
Value: 1.1.935815656.1631731225

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aftermd.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
media.primeinc.org
primeinc.org
trk.cp20.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.google-analytics.com
www.googleadservices.com
216.24.224.100
2600:9000:211e:9600:5:a930:aec0:93a1
2606:4700::6810:125e
2606:4700::6812:6b1
2a00:1450:4001:80e::2003
2a00:1450:400d:804::2008
2a00:1450:4016:809::200a
52.54.158.118
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07c70ba8d47b922e3ef0444b3961c3778bbc02d6d491dbe244ea7671efd1b04f
0b8aa1f51fa1837b39fc07c02ab679ad30ef56dc6a4eeb66f058a29aa41b888b
13405a8702c3df2b6ced7d53058132f579c72c25fc7e2ad702e7bd96dab7ab24
1b6af671eb7dc691353f85f9f55d7973d71e06d59967fa6faeee3cc779a56176
294721ef4c082ea4a63c980fcdb0c11c1037f5d614dff1fdcbe0b949c91da3b8
45eaea2f7ccb22808c221f534d43e200207446cc618972aacb155b31e01ad9c4
47b4a429dfd49246943a5c9b27c1ebba0a7757140e0ffa8ee2d1a0236dfc402c
51b7ef62ebad141cb846b5c853e9521c8672360948eac41f361bcc936943e305
55ae649252fc54ae46078a84727bd2bd1470ba741571c6a4d51d2dfb39068428
58849e7c8abafc715aa5b779fa373413bd7c212202cd617ac304885b6c7ea230
60a37daeab25170c8e288fde3b183ce593049fc128899f7a2dfa4c9e9a341c72
88e7dd8e684c862cb6199b7bfb21fb211368571c426074d6bea6d561710278d0
9097b1a21a652edec7020a74b69629f9b62b736031544aa7c92dfed49c175c2a
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
a551f79b6b1c550d8e1e3b4d8ea68da055f67252f8c2906f795573fcfafe27ad
cd8e9e19fc5fcb5d647bbf3d916291c83f6d59f071c3383efa63c12a0ddab9ba
cddbcf06a98a39864462c797a5bc83df8e5b9ddcf28be9dbae7d07f84c82dd86
cdf58506e4309c05c465a91f837c39118a2656d2f2608a1c2e6020d76ed362e2
ce243edf72e1fcde66b520917ee53af64f6c74c38c90d090016fae49b9340ffb
dd276104cfed1d5ed9734b386c19528ae353701b51afe7bdfc5a961b4a578790
fa95963fcfeca5db647d43f908f653dcb313bf7e9c283b930ab190e1391ce983