URL: https://dx.healthcasts.com/registration
Submission: On November 29 via manual from US — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 19 domains to perform 58 HTTP transactions. The main IP is 18.220.224.234, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is dx.healthcasts.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2024. Valid for: a year.
This is the only time dx.healthcasts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
10 | healthcasts.com | dx.healthcasts.com | 2 MB
6 | ensighten.com | nexus.ensighten.com — Cisco Umbrella Rank: 4813 | 22 KB
5 | cbdatatracker.com | track.cbdatatracker.com — Cisco Umbrella Rank: 145802 | 21 KB
5 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 6 KB
4 | gstatic.com | fonts.gstatic.com; www.gstatic.com | 337 KB
4 | google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 3353 |
3 | google.com | www.google.com — Cisco Umbrella Rank: 3 | 996 B
3 | cloudfront.net | d1eoo1tco6rr5e.cloudfront.net |
3 | adsrvr.org | insight.adsrvr.org — Cisco Umbrella Rank: 960 | 259 B
3 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 315 KB
2 | cbvisittracker.com | www.cbvisittracker.com — Cisco Umbrella Rank: 339970 | 2 KB
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 120 | 214 B
2 | reddit.com | pixel-config.reddit.com — Cisco Umbrella Rank: 2010; alb.reddit.com — Cisco Umbrella Rank: 1418 | 1 KB
2 | redditstatic.com | www.redditstatic.com — Cisco Umbrella Rank: 1095 | 13 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 192 | 76 KB
2 | app-us1.com | diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9072; prism.app-us1.com — Cisco Umbrella Rank: 9104 | 8 KB
1 | amazonaws.com | docdx-public.s3.us-east-2.amazonaws.com | 85 KB
1 | trackcmp.net | trackcmp.net — Cisco Umbrella Rank: 9858 | 314 B
1 | servedbyadbutler.com | servedbyadbutler.com — Cisco Umbrella Rank: 7930 | 13 KB
Total: 58 requests across 19 domains

Requests | Domain | Requested by
10 | dx.healthcasts.com | dx.healthcasts.com
6 | nexus.ensighten.com | dx.healthcasts.com; nexus.ensighten.com
5 | track.cbdatatracker.com | dx.healthcasts.com
5 | fonts.googleapis.com | dx.healthcasts.com
4 | region1.google-analytics.com | www.googletagmanager.com; dx.healthcasts.com
3 | www.google.com | dx.healthcasts.com; www.gstatic.com
3 | fonts.gstatic.com | fonts.googleapis.com
3 | d1eoo1tco6rr5e.cloudfront.net | nexus.ensighten.com
3 | insight.adsrvr.org | 3 redirects
3 | www.googletagmanager.com | dx.healthcasts.com; www.googletagmanager.com
2 | www.cbvisittracker.com | track.cbdatatracker.com; www.cbvisittracker.com
2 | www.facebook.com | dx.healthcasts.com
2 | www.redditstatic.com | dx.healthcasts.com; www.redditstatic.com
2 | connect.facebook.net | dx.healthcasts.com; connect.facebook.net
1 | www.gstatic.com | www.google.com
1 | docdx-public.s3.us-east-2.amazonaws.com | dx.healthcasts.com
1 | trackcmp.net | diffuser-cdn.app-us1.com
1 | prism.app-us1.com | diffuser-cdn.app-us1.com
1 | alb.reddit.com | dx.healthcasts.com
1 | pixel-config.reddit.com | www.redditstatic.com
1 | diffuser-cdn.app-us1.com | dx.healthcasts.com
1 | servedbyadbutler.com | dx.healthcasts.com
Total: 58 requests across 22 subdomains

This site contains links to these domains.

Domain
ai.consensus-md.com
www.healthcasts.com
healthcasts.com

Subject | Issuer | Validity | Valid
*.healthcasts.com | Go Daddy Secure Certificate Authority - G2 | 2024-01-29 - 2025-03-01 | a year
servedbyadbutler.com | Sectigo RSA Domain Validation Secure Server CA | 2024-11-06 - 2025-01-18 | 2 months
nexus.ensighten.com | Amazon RSA 2048 M03 | 2024-08-29 - 2025-09-28 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
diffuser-cdn.app-us1.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
track.cbdatatracker.com | RapidSSL TLS RSA CA G1 | 2024-04-03 - 2025-04-02 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-09-07 - 2024-12-06 | 3 months
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-10-06 - 2025-04-03 | 6 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-10-13 - 2025-04-11 | 6 months
prism.app-us1.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
trackcmp.net | WE1 | 2024-11-21 - 2025-02-19 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
www.cbvisittracker.com | RapidSSL TLS RSA CA G1 | 2024-02-14 - 2025-02-13 | a year
*.s3.us-east-2.amazonaws.com | Amazon RSA 2048 M01 | 2024-11-09 - 2025-11-05 | a year
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 7 frames:

Primary Page: https://dx.healthcasts.com/registration
Frame ID: A97E4FE06BDA6B018DDD2CA13B2E53B4
Requests: 51 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
Frame ID: CC67EE29EC051A2971CC89DF5CC2CC65
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
Frame ID: B143B4D0C981466F0F07B213C9D96EE8
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/iframe
Frame ID: 8C635F8B9A31103027C40AB001E46B02
Requests: 1 HTTP requests in this frame

Frame: https://www.cbvisittracker.com/Cookie/Frame.html
Frame ID: 1472E43F6DBA023C2AAF7E3CF0C3E70C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=8aabk8vm7qvn
Frame ID: D80EEA198B16D0F8F4EAB54C35B3CBB1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=ii2yh0sco365
Frame ID: F94FAC2463337737409B71704C72AB78
Requests: 1 HTTP requests in this frame

Page Title

Healthcasts

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

58
Requests

100 %
HTTPS

62 %
IPv6

19
Domains

22
Subdomains

21
IPs

3
Countries

2508 kB
Transfer

8222 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://insight.adsrvr.org/tags/mzyyllb/bn7lqz0/iframe HTTP 301
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
Request Chain 35
  • https://insight.adsrvr.org/tags/mzyyllb/b2i29og/iframe HTTP 301
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
Request Chain 36
  • https://insight.adsrvr.org/tags/mzyyllb/jj3ko32/iframe HTTP 301
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/iframe

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request registration
dx.healthcasts.com/
3 KB
2 KB
Document
General
Full URL
https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
8a0a5b56153856704c051d33f9dd6acca4849a3dda0f02d6e110ca3bbb63df5f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Nov 2024 07:32:19 GMT
ETag
W/"cdb-19349f34cf0"
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
X-Powered-By
Express
transfer-encoding
chunked
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
app.js
servedbyadbutler.com/
68 KB
13 KB
Script
General
Full URL
https://servedbyadbutler.com/app.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.132.205.219 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.219.205.132.142.clients.your-server.de
Software
nginx /
Resource Hash
05b53ae7d88099a65709ead2202f522cc99f15f43838f6ee5107345b65c88d1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
max-age=1800
content-encoding
gzip
etag
W/"66df3f4d-10e28"
expires
Fri, 29 Nov 2024 08:02:19 GMT
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript
last-modified
Mon, 09 Sep 2024 18:32:45 GMT
server
nginx
vary
Accept-Encoding
Bootstrap.js
nexus.ensighten.com/choozle/10961/
58 KB
17 KB
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9570457042793910dbc224c8a05a7cc30595201b1ef7f3ce2af171ff52354558

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-amz-version-id
ImThWXN5VAGg.bT.arJ7EvVjQ7SW3hHi
etag
W/"6329d86dcfb8d94996f1957d14f2ffef"
age
1252503
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
KayFypexj9a3_HR7SXKMTsgl82tuyUKfAULLEwpGtERdDdcIDrA1iA==
date
Thu, 14 Nov 2024 19:37:17 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
last-modified
Thu, 07 Nov 2024 03:56:02 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=300
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
server
CloudFront
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 06:15:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
818 B
478 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 05:54:37 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
2.ef045421.chunk.css
dx.healthcasts.com/static/css/
32 KB
5 KB
Stylesheet
General
Full URL
https://dx.healthcasts.com/static/css/2.ef045421.chunk.css
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
493c601d6e3b7499f0a6080928890c425b9e8ff0e4960ca79fbb176aca4962b2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

x-frame-options
SAMEORIGIN
transfer-encoding
chunked
X-Powered-By
Express
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
ETag
W/"8052-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Date
Fri, 29 Nov 2024 07:32:19 GMT
x-xss-protection
1; mode=block
Content-Type
text/css; charset=UTF-8
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
main.531d1d6f.chunk.css
dx.healthcasts.com/static/css/
647 KB
110 KB
Stylesheet
General
Full URL
https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
75461830183986b7c1fb88bfa138b92daf54dc0e3bd9aea2e38999c9a1ba0ed8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

x-frame-options
SAMEORIGIN
transfer-encoding
chunked
X-Powered-By
Express
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
ETag
W/"a1b00-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Date
Fri, 29 Nov 2024 07:32:19 GMT
x-xss-protection
1; mode=block
Content-Type
text/css; charset=UTF-8
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
runtime-main.deec0a1f.js
dx.healthcasts.com/static/js/
2 KB
1 KB
Script
General
Full URL
https://dx.healthcasts.com/static/js/runtime-main.deec0a1f.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
34cbf1f6ab47ff97ce48a8f2a315fb2202067b6e813a0b96a813a2f52f1a86c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

x-frame-options
SAMEORIGIN
transfer-encoding
chunked
X-Powered-By
Express
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
ETag
W/"629-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Date
Fri, 29 Nov 2024 07:32:19 GMT
x-xss-protection
1; mode=block
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
2.86c20add.chunk.js
dx.healthcasts.com/static/js/
5 MB
1 MB
Script
General
Full URL
https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
cc2031848c0a2d938e21abe95b3acec64d5d24472d69259a889a5dc508c8583d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

x-frame-options
SAMEORIGIN
transfer-encoding
chunked
X-Powered-By
Express
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
ETag
W/"495795-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Date
Fri, 29 Nov 2024 07:32:19 GMT
x-xss-protection
1; mode=block
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
main.0aef52e4.chunk.js
dx.healthcasts.com/static/js/
523 KB
140 KB
Script
General
Full URL
https://dx.healthcasts.com/static/js/main.0aef52e4.chunk.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
e53c146652690bc65834dd5916dac1feb2d826581006dc50bf2373234eb8073e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

x-frame-options
SAMEORIGIN
transfer-encoding
chunked
X-Powered-By
Express
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
ETag
W/"82a8c-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Date
Fri, 29 Nov 2024 07:32:19 GMT
x-xss-protection
1; mode=block
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
Vary
Accept-Encoding
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
32 KB
8 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:80d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"234346615b452270c8ee1158258c83bb"
age
6
x-cache
Hit from cloudfront
x-amz-cf-id
WP1r89bdCNVHkF1c3ky1uUfm1oNN0YQcTsOnzH11uoAE6FZNKIMR9g==
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:47:53 GMT
vary
accept-encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=300
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
cf-ray
8ea0e7360f293723-FRA
x-amz-cf-pop
FRA56-C2
server
cloudflare
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/
219 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e09636fdfa219981e778ec451d5a1e339b7e32753a18c6d02dc3db90b2452981
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 29 Nov 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
76687
x-xss-protection
0
server
Google Tag Manager
Home
track.cbdatatracker.com/
21 KB
21 KB
Script
General
Full URL
https://track.cbdatatracker.com/Home?v=3&id=%278891fbe4-17f3-402e-8db8-23164178bd57%27
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c1fd20a78320daadcd70cc42dfa28a7b0c12b280484e2ee907f4a07ee8973aea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
private
x-aspnet-version
4.0.30319
alt-svc
h3=":443";
content-length
21317
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/javascript; charset=utf-8
x-powered-by
ASP.NET
x-aspnetmvc-version
5.2
server
Microsoft-IIS/10.0
serverComponent.php
nexus.ensighten.com/choozle/10961/
668 B
1000 B
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/10961/code/&publishedOn=Thu%20Nov%2007%2003:55:53%20GMT%202024&ClientID=923&PageID=https%3A%2F%2Fdx.healthcasts.com%2Fregistration
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
db5ce19088a3ac24bae440a052a11e47960d5b8795a794e2c26984f26c18a11e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, no-store
via
1.1 da9618575b838f6c05697fe3f723a49e.cloudfront.net (CloudFront)
expires
Fri, 29 Nov 2024 07:32:18 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
668
x-amz-cf-id
e9xx5ZVxTvoUQs30Ajv1_hBluURILriDQ5tC3ea5NpfnCd7CbSZONA==
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/javascript
x-amz-cf-pop
FRA60-P8
server
CloudFront
fbevents.js
connect.facebook.net/en_US/
245 KB
62 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1aece686ac161180b8b90259b6ddf269cd9ab7a893ca3fd36d2d2d17deaf6be5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tboPPPlB' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-tboPPPlB' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4457, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
4Nu+9LcD6xJuzFiO+CC/XPY7xJAyGJUApR3k3ldrKAJjqZD0dX5YXXd5FFcZY0PdLDxLPIRyLJ3oluZog3TE5A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
63583
x-xss-protection
0
origin-agent-cluster
?1
pixel.js
www.redditstatic.com/ads/
43 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10429db431cbd2fc042c7397c8f1e62996d636ddeef2702c912d9fb7fc650c35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"1a001f3a066bff47a766099b87253911"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12220
date
Fri, 29 Nov 2024 07:32:19 GMT
last-modified
Mon, 18 Nov 2024 21:16:35 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
1731702260980651
connect.facebook.net/signals/config/
69 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1731702260980651?v=next&r=canary&domain=dx.healthcasts.com&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C44%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C169%2C142%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C5%2C90%2C81%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d50f6e874f1050bd36e9d4ceb819721760dec0e3c4114683a4648fae9380980
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DwihpDqy' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DwihpDqy' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=72, mss=1232, tbw=71863, tp=67, tpl=0, uplat=128, ullat=0
pragma
public
x-fb-debug
ACT3kFHokYjHeSFFT8KV9Lnwksfyz6xmzuuCUlaKknObikEfBn/cf/oBeCfqXrnv0vYQL910o8axtv2SiRbcZA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
config
pixel-config.reddit.com/pixels/a2_fociv6tppkz9/
949 B
393 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_fociv6tppkz9/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa26b15f22e1aa95c836e1b09c3b28bd01bee9de6f51987a4a8640cb25218fcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
295
date
Fri, 29 Nov 2024 07:32:20 GMT
content-type
application/json
a2_fociv6tppkz9_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
700 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_fociv6tppkz9_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
98
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1732865539557&id=a2_fociv6tppkz9&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=1d793929-db54-4980-8c4c-a0bccda23776&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_b192616d&dpm=&dpcc=&dprc=
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Fri, 29 Nov 2024 07:32:20 GMT
content-type
image/gif
server
Varnish
/
prism.app-us1.com/
248 B
497 B
Script
General
Full URL
https://prism.app-us1.com/?a=226130963&u=https%3A%2F%2Fdx.healthcasts.com%2Fregistration
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
d1ce2382835822472da8f22ba2bf0b369bcde0c5412ae4d2cc1edb71b8bcc2c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, private
content-encoding
gzip
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
61
cf-ray
8ea0e736ad0d4d2b-FRA
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript
x-powered-by
PHP/8.1.29
server
cloudflare
b85dc0f6f3a4ea8fc121231c317525c0.js
nexus.ensighten.com/choozle/10961/code/
583 B
1001 B
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/code/b85dc0f6f3a4ea8fc121231c317525c0.js?conditionId0=4958059&conditionId1=4958060
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
9a78701f6e49e71ab4a15f85c515418a37fb8e7e179b2686faa795765a402bac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

etag
"bd833dd44a422db4eabf82aebcec5ae6"
age
1024819
x-amz-version-id
3RqKKDUhbktE1fbB9kQ4ChDcQdXeQddU
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
uR5qMpjwvUUPtEirQ77GR1RXnQJOFkyZcXpxUgrBBagLLexu1LmEHw==
date
Sun, 17 Nov 2024 10:52:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 31 May 2024 18:36:50 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
583
x-amz-cf-pop
FRA60-P8
server
CloudFront
x-amz-server-side-encryption
AES256
64d96158fcbd2ab76c894c93f072f7c9.js
nexus.ensighten.com/choozle/10961/code/
3 KB
1 KB
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/code/64d96158fcbd2ab76c894c93f072f7c9.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e322190b19607a24bc2e50477ebf423769e61fd20628bd835984c95ea41705f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
br
x-amz-version-id
_n3o5E_rcs2XXee0qmERbuwF_Ykvp9HD
age
1830320
etag
W/"14c40e510dbcda0cc4c82a6b0f03a09b"
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
qTNLSEsxcIE149qr6BS1VuTrMjBA6Gmic2JIgAaUM09mHLdP9BUpNA==
date
Fri, 08 Nov 2024 03:06:59 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
last-modified
Fri, 31 May 2024 18:36:50 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
server
CloudFront
x-amz-server-side-encryption
AES256
e2875ba4267d2749bd3e1b2658ee678e.js
nexus.ensighten.com/choozle/10961/code/
1 KB
753 B
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/code/e2875ba4267d2749bd3e1b2658ee678e.js?conditionId0=4964206&conditionId1=4967398
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
abd30c7750aec7618f1b13d556fe1c6f3d48667b54c2507e82502f367343a4ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
br
x-amz-version-id
5wGN8TjDzHRGuJuDcyiTYOQqOGZypL3N
etag
W/"f841d54a2feb81eece8aa83acbbc0578"
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
-CbfkALD3lT08zUQyaPvpDtIQB04Vc2Iae2N6Nn9l_GRDYuK4fUWmg==
date
Fri, 29 Nov 2024 07:32:20 GMT
content-type
application/javascript; charset=utf-8
vary
accept-encoding
last-modified
Thu, 07 Nov 2024 03:56:03 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
server
CloudFront
x-amz-server-side-encryption
AES256
264631fb7f96cb44664c95b0154b3a08.js
nexus.ensighten.com/choozle/10961/code/
673 B
1 KB
Script
General
Full URL
https://nexus.ensighten.com/choozle/10961/code/264631fb7f96cb44664c95b0154b3a08.js?conditionId0=4963319
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:2761:5e00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
34d66af02ece24fc0d1114abb1071ab38fc299604b2fa55db2fdcdda49bc3ca3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

etag
"2661573110210dcb0e51909cac955e94"
age
1024819
x-amz-version-id
LCydzeit_W9mGJtDNY6.dGghJWd5V53A
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nVCPq1vGQSR2SRaYLfUF4GpV0fhA0CKgWx4bw4OGLWy9zOIGXzrilA==
date
Sun, 17 Nov 2024 10:52:01 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 31 May 2024 18:36:49 GMT
x-amz-replication-status
COMPLETED
cache-control
max-age=315360000
via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
673
x-amz-cf-pop
FRA60-P8
server
CloudFront
x-amz-server-side-encryption
AES256
/
www.facebook.com/tr/
0
19 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1731702260980651&ev=PageView&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&rl=&if=false&ts=1732865539699&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1732865539693.499312051855840553&ler=empty&cdl=API_unavailable&it=1732865539531&coo=false&uppt=0.20000076293945312&uvpt=0.10000038146972656&ttf=926.7999992370605&bdt=34.79999923706055&bdsize=251140&btsize=63583&brbs=0&cdt=150&cdsize=70712&ctsize=14246&crbs=0&let=10.899999618530273&rpcl=0&rpurlcl=3&rqm=GET
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4458, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
195 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1731702260980651&ev=PageView&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&rl=&if=false&ts=1732865539699&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1732865539693.499312051855840553&ler=empty&cdl=API_unavailable&it=1732865539531&coo=false&uppt=0.20000076293945312&uvpt=0.10000038146972656&ttf=926.7999992370605&bdt=34.79999923706055&bdsize=251140&btsize=63583&brbs=0&cdt=150&cdsize=70712&ctsize=14246&crbs=0&let=10.899999618530273&rpcl=0&rpurlcl=3&rqm=FGET
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7442600819752023425"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7442600819752023425", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
CFj6vrA9WeKYR1Zp7yyUYKalvuT/OcUMZkgEn/PfREtdCNfoWr804nnG3w9msliJHXNzHQbcQG7o18VOAMkU5A==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=2, c=24, mss=1232, tbw=5531, tp=15, tpl=2, uplat=161, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
t_prism_sitemessages.php
trackcmp.net/
0
314 B
Script
General
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=226130963&prismid=8c3705a3-3b3c-4530-b429-9124e8f001b4&url=https%3A%2F%2Fdx.healthcasts.com%2Fregistration
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, private
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
9
cf-ray
8ea0e738a9259136-FRA
content-length
0
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
date
Fri, 29 Nov 2024 07:32:20 GMT
content-type
text/javascript;charset=UTF-8
x-powered-by
PHP/8.1.30
server
cloudflare
js
www.googletagmanager.com/gtag/
316 KB
106 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X1THHMW2QS&l=dataLayer&cx=c&gtm=45He4bk0v9100728977za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14f1b974cfdbfd00d50bbe6c1fd2ece3542b1e3ee45dfc92ca5039f9c96f864f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
108331
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
420 KB
134 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LG38XJB31H&l=dataLayer&cx=c&gtm=45He4bk0v9100728977za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9babc400aff82c1f079497999dd2b5ee682afc4468af5d2ba7fd388e2745250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136684
x-xss-protection
0
server
Google Tag Manager
css
fonts.googleapis.com/
3 KB
573 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 06:31:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 06:12:49 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
7 KB
914 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital@0;1&family=Literata:ital,opsz,wght@0,7..72,600;1,7..72,600&display=swap
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93e984b7b94d2a869d5313b60216d067f07c2f1e6137e24ddc629bf94dce6a56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 29 Nov 2024 07:32:19 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
iframe
d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/ Frame CC67
Redirect Chain
  • https://insight.adsrvr.org/tags/mzyyllb/bn7lqz0/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
0
0
Document
General
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/code/264631fb7f96cb44664c95b0154b3a08.js?conditionId0=4963319
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
137
Content-Type
text/html
Date
Fri, 29 Nov 2024 07:32:21 GMT
ETag
"737f1a316b894660a6a5dbceff90f0d7"
Last-Modified
Fri, 31 May 2024 04:38:50 GMT
Server
AmazonS3
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Lr4hGq0pp56wsrWAIRosJ_9A8WXBIhvXgCTSp30VYHEwM1kK_a_Hvg==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
RefreshHit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
0
date
Fri, 29 Nov 2024 07:32:20 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1THHMW2QS&gtm=45je4bk0v9100870118z89100728977za200zb9100728977&_p=1732865539370&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=896827017.1732865540&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732865539&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1197
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1THHMW2QS&l=dataLayer&cx=c&gtm=45He4bk0v9100728977za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dx.healthcasts.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LG38XJB31H&gtm=45je4bk0v9102386499z89100728977za200zb9100728977&_p=1732865539370&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=896827017.1732865540&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732865540&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=page_view&_fv=1&_ss=1&tfd=1257
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LG38XJB31H&l=dataLayer&cx=c&gtm=45He4bk0v9100728977za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dx.healthcasts.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:20 GMT
content-type
text/plain
server
Golfe2
iframe
d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/ Frame B143
Redirect Chain
  • https://insight.adsrvr.org/tags/mzyyllb/b2i29og/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
0
0
Document
General
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/code/e2875ba4267d2749bd3e1b2658ee678e.js?conditionId0=4964206&conditionId1=4967398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
137
Content-Type
text/html
Date
Fri, 29 Nov 2024 07:32:21 GMT
ETag
"2365c0a4760e22d54c4055810c670f34"
Last-Modified
Wed, 17 Jul 2024 22:58:19 GMT
Server
AmazonS3
Via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
X-Amz-Cf-Id
PscWJHGFGl95dW_HvrknldEp5dfw3n4WGCgxuvnDeiUkUE8sbTHyLQ==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Miss from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
0
date
Fri, 29 Nov 2024 07:32:20 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
iframe
d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/ Frame 8C63
Redirect Chain
  • https://insight.adsrvr.org/tags/mzyyllb/jj3ko32/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/iframe
0
0
Document
General
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/code/e2875ba4267d2749bd3e1b2658ee678e.js?conditionId0=4964206&conditionId1=4967398
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
137
Content-Type
text/html
Date
Fri, 29 Nov 2024 07:32:21 GMT
ETag
"485879360a5e41bfeef198a50b0ca166"
Last-Modified
Thu, 07 Nov 2024 03:52:47 GMT
Server
AmazonS3
Via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aXV5qcH3tqiduKjyi_vtbNJvCjrAh-82sIgG2zrlPdZDdSVPcfxkcg==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Miss from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
0
date
Fri, 29 Nov 2024 07:32:20 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/jj3ko32/iframe
CookieReadJS.js
www.cbvisittracker.com/Cookie/
2 KB
2 KB
Script
General
Full URL
https://www.cbvisittracker.com/Cookie/CookieReadJS.js
Requested by
Host: track.cbdatatracker.com
URL: https://track.cbdatatracker.com/Home?v=3&id=%278891fbe4-17f3-402e-8db8-23164178bd57%27
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
70bf7023316ccd73b8775a094d634f51de416e9574344caca0b77137b5dbc0e6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

etag
"4cd7548895fda1:0"
accept-ranges
bytes
alt-svc
h3=":443";
content-length
2037
date
Fri, 29 Nov 2024 07:32:19 GMT
content-type
application/javascript
last-modified
Wed, 14 Feb 2024 21:03:39 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
Frame.html
www.cbvisittracker.com/Cookie/ Frame 1472
0
0
Document
General
Full URL
https://www.cbvisittracker.com/Cookie/Frame.html
Requested by
Host: www.cbvisittracker.com
URL: https://www.cbvisittracker.com/Cookie/CookieReadJS.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";
content-length
1531
content-type
text/html
date
Fri, 29 Nov 2024 07:32:20 GMT
etag
"6773cacd9859d81:0"
last-modified
Tue, 26 Apr 2022 18:09:42 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7933d7eef56f5080dfbe4a8ce1bdf0703e1fc8229d834c86d258766b369668e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
logo.ed1e27dd.png
dx.healthcasts.com/static/media/
19 KB
20 KB
Image
General
Full URL
https://dx.healthcasts.com/static/media/logo.ed1e27dd.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
3679d319283ea25050bb0d26fc71fa450d4bb05193b2458df64c3cfc021fd334
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

X-Powered-By
Express
Cache-Control
public, max-age=31536000
ETag
W/"4d0f-19349f34cf0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19727
Date
Fri, 29 Nov 2024 07:32:21 GMT
x-xss-protection
1; mode=block
Content-Type
image/png
Last-Modified
Wed, 20 Nov 2024 14:21:42 GMT
Server
nginx/1.22.1
x-frame-options
SAMEORIGIN
Healthcasts-Login-Background-image.jpg
docdx-public.s3.us-east-2.amazonaws.com/images/
85 KB
85 KB
Image
General
Full URL
https://docdx-public.s3.us-east-2.amazonaws.com/images/Healthcasts-Login-Background-image.jpg
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.232.106 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
8f3a3a9ab571e9a0c72aea87cd839bc8fbd9dc48bb7506228f30532b31bea1b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

x-amz-id-2
P78Kma89mEcip3ZxGE3NU/YswbNNUSey6Y8e158pyzWPhst862fwgUgeVBtlE9qhWEQRh3Mi9sM=
ETag
"5d05291c3b29d38fcaebcae7f10aec33"
x-amz-request-id
HRMERTKHK3HK6QB1
Accept-Ranges
bytes
Content-Length
87047
Date
Fri, 29 Nov 2024 07:32:22 GMT
Last-Modified
Wed, 31 May 2023 18:14:56 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dx.healthcasts.com
Referer
https://fonts.googleapis.com/

Response headers

age
209651
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 21:18:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:18:10 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
or38Q6P12-iJxAIgLa78DkTtAoDhk0oVe6XlbJ5W.woff2
fonts.gstatic.com/s/literata/v35/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/literata/v35/or38Q6P12-iJxAIgLa78DkTtAoDhk0oVe6XlbJ5W.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital@0;1&family=Literata:ital,opsz,wght@0,7..72,600;1,7..72,600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aef2d1053042593b9f63696e708fad6c85783ce3a781810e76533df61a163a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dx.healthcasts.com
Referer
https://fonts.googleapis.com/

Response headers

age
76635
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 10:15:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 10:15:06 GMT
last-modified
Tue, 06 Jun 2023 20:22:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50232
x-xss-protection
0
server
sffe
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dx.healthcasts.com
Referer
https://fonts.googleapis.com/

Response headers

age
144487
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 15:24:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 15:24:14 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
api.js
www.google.com/recaptcha/
1 KB
996 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/main.0aef52e4.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fa4dbebcadd3aeaf4c624218eb560e6b0f0364775740667d87d48208074b462
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 07:32:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Fri, 29 Nov 2024 07:32:21 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
specialties
dx.healthcasts.com/api/v1/
871 B
1 KB
XHR
General
Full URL
https://dx.healthcasts.com/api/v1/specialties
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
defe5dde65896a803cbed774d8b136d17cf816be16b18227ff24b007051dbc03
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://dx.healthcasts.com/registration
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache

Response headers

ETag
W/"367-7PUD6VijWLmtowG6w8teJHmKwmo"
Connection
keep-alive
Content-Length
871
x-xss-protection
1; mode=block
Date
Fri, 29 Nov 2024 07:32:21 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
Server
nginx/1.22.1
x-frame-options
SAMEORIGIN
specialties
dx.healthcasts.com/api/v1/
871 B
1 KB
XHR
General
Full URL
https://dx.healthcasts.com/api/v1/specialties
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
defe5dde65896a803cbed774d8b136d17cf816be16b18227ff24b007051dbc03
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Cache-Control
no-cache
Referer
https://dx.healthcasts.com/registration
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Pragma
no-cache

Response headers

ETag
W/"367-7PUD6VijWLmtowG6w8teJHmKwmo"
Connection
keep-alive
Content-Length
871
x-xss-protection
1; mode=block
Date
Fri, 29 Nov 2024 07:32:21 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
Server
nginx/1.22.1
x-frame-options
SAMEORIGIN
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dx.healthcasts.com
Referer
https://dx.healthcasts.com/

Response headers

content-encoding
gzip
age
63112
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 14:00:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 14:00:29 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame D80E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=8aabk8vm7qvn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sjcImk0aqZdbF1RlnisNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sjcImk0aqZdbF1RlnisNIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 07:32:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
anchor
www.google.com/recaptcha/api2/ Frame F94F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=ii2yh0sco365
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IFd5HGjAWys0cWsMtaQvhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dx.healthcasts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IFd5HGjAWys0cWsMtaQvhA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 07:32:21 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
favicon.png
dx.healthcasts.com/images/
3 KB
3 KB
Other
General
Full URL
https://dx.healthcasts.com/images/favicon.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.224.234 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-224-234.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
299c49d7ad98d16b45aebf816f3dd683299d6290b314a8eb605dc653fe12b749
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/registration

Response headers

X-Powered-By
Express
Cache-Control
public, max-age=31536000
ETag
W/"b98-19349f12628"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2968
Date
Fri, 29 Nov 2024 07:32:21 GMT
x-xss-protection
1; mode=block
Content-Type
image/png
Last-Modified
Wed, 20 Nov 2024 14:19:21 GMT
Server
nginx/1.22.1
x-frame-options
SAMEORIGIN
Post
track.cbdatatracker.com/api/tracker/
0
52 B
XHR
General
Full URL
https://track.cbdatatracker.com/api/tracker/Post?_method=put
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
no-cache
Access-Control-Allow-Origin
*
Referer
https://dx.healthcasts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

cache-control
no-cache
x-aspnet-version
4.0.30319
pragma
no-cache
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443";
date
Fri, 29 Nov 2024 07:32:21 GMT
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
Post
track.cbdatatracker.com/api/tracker/ Frame
0
0
Preflight
General
Full URL
https://track.cbdatatracker.com/api/tracker/Post?_method=put
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,cache-control
Access-Control-Request-Method
POST
Origin
https://dx.healthcasts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,cache-control
access-control-allow-origin
*
alt-svc
h3=":443";
cache-control
no-cache
content-length
0
date
Fri, 29 Nov 2024 07:32:21 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X1THHMW2QS&gtm=45je4bk0v9100870118za200zb9100728977&_p=1732865539370&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=896827017.1732865540&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732865539&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=scroll&epn.percent_scrolled=90&_et=17&tfd=6215
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dx.healthcasts.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:24 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LG38XJB31H&gtm=45je4bk0v9102386499za200zb9100728977&_p=1732865539370&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=896827017.1732865540&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732865540&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6263
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dx.healthcasts.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://dx.healthcasts.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 07:32:25 GMT
content-type
text/plain
server
Golfe2
PostPing
track.cbdatatracker.com/api/tracker/
0
52 B
XHR
General
Full URL
https://track.cbdatatracker.com/api/tracker/PostPing?_method=put
Requested by
Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
no-cache
Access-Control-Allow-Origin
*
Referer
https://dx.healthcasts.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

cache-control
no-cache
x-aspnet-version
4.0.30319
pragma
no-cache
expires
-1
access-control-allow-origin
*
alt-svc
h3=":443";
date
Fri, 29 Nov 2024 07:32:25 GMT
x-powered-by
ASP.NET
server
Microsoft-IIS/10.0
PostPing
track.cbdatatracker.com/api/tracker/ Frame
0
0
Preflight
General
Full URL
https://track.cbdatatracker.com/api/tracker/PostPing?_method=put
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,cache-control
Access-Control-Request-Method
POST
Origin
https://dx.healthcasts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
access-control-allow-origin,cache-control
access-control-allow-origin
*
alt-svc
h3=":443";
cache-control
no-cache
content-length
0
date
Fri, 29 Nov 2024 07:32:25 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET


43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
string| visitorGlobalObjectAlias
function| vgo
object| dataLayer
object| AdButler
number| rnd
object| ensBootstraps
object| Bootstrapper
function| fbq
function| _fbq
function| rdt
string| prismGlobalObjectAlias
object| visitorGlobalObject
function| redditNormalizeEmail
object| google_tag_manager
object| google_tag_data
object| webpackJsonpdocdx-web-react
function| onYouTubeIframeAPIReady
object| gaGlobal
function| utmcodes
object| cb
string| cbEmail
string| eventMethod
function| eventer
string| messageEvent
function| LoadCBFrame
function| LoadCBFrameByDomain
function| RemoveFrame
object| core
function| setImmediate
function| clearImmediate
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_843169

17 Cookies

Domain/Path Name / Value
.healthcasts.com/ Name: _rdt_uuid
Value: 1732865539555.1d793929-db54-4980-8c4c-a0bccda23776
.healthcasts.com/ Name: _fbp
Value: fb.1.1732865539693.499312051855840553
prism.app-us1.com/ Name: prism_226130963
Value: 8c3705a3-3b3c-4530-b429-9124e8f001b4
.healthcasts.com/ Name: prism_226130963
Value: 8c3705a3-3b3c-4530-b429-9124e8f001b4
.healthcasts.com/ Name: _ga
Value: GA1.1.896827017.1732865540
.healthcasts.com/ Name: _ga_X1THHMW2QS
Value: GS1.1.1732865539.1.0.1732865539.0.0.0
.healthcasts.com/ Name: _ga_LG38XJB31H
Value: GS1.1.1732865540.1.0.1732865540.0.0.0
dx.healthcasts.com/ Name: 57942
Value:
dx.healthcasts.com/ Name: 58312
Value:
dx.healthcasts.com/ Name: 58313
Value:
dx.healthcasts.com/ Name: 59942
Value:
dx.healthcasts.com/ Name: 57928
Value:
dx.healthcasts.com/ Name: 58306
Value:
dx.healthcasts.com/ Name: 59941
Value:
dx.healthcasts.com/ Name: 57927
Value:
dx.healthcasts.com/ Name: 57941
Value:
dx.healthcasts.com/ Name: 58305
Value:

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
