urlscan.io logo urlscan.io
SecurityTrails logo

auth.nexhealth.com Open in urlscan Pro
2606:4700:4400::ac40:90d6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nexhealth.info/
Effective URL: https://auth.nexhealth.com/login
Submission Tags: tranco_l324
Submission: On April 02 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 22 HTTP transactions. The main IP is 2606:4700:4400::ac40:90d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth.nexhealth.com. The Cisco Umbrella rank of the primary domain is 986181.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2024. Valid for: a year.
This is the only time auth.nexhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:4400::6812:288d (United States)

ASN13335 (CLOUDFLARENET, US)
nexhealth.info
7    2606:4700:4400::ac40:90d6 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.nexhealth.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2.18.98.139 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-98-139.deploy.static.akamaitechnologies.com
learn.microsoft.com
2    172.64.144.214 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
login-page-iframe.nexhealth.com
auth.nexhealth.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2600:9000:21f3:c400:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets-global.website-files.com
1    18.244.20.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-109.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
2    2600:9000:235a:f200:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.website-files.com
Apex Domain
Subdomains		 Transfer
9 nexhealth.com
auth.nexhealth.com — Cisco Umbrella Rank: 986181
login-page-iframe.nexhealth.com
86 KB
7 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 5945
assets.website-files.com — Cisco Umbrella Rank: 11857
432 KB
2 nexhealth.info
nexhealth.info — Cisco Umbrella Rank: 198757
587 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2042
256 B
1 microsoft.com
learn.microsoft.com — Cisco Umbrella Rank: 11206
855 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
98 KB
22 9
Domain Requested by
8 auth.nexhealth.com auth.nexhealth.com
5 assets-global.website-files.com login-page-iframe.nexhealth.com
2 assets.website-files.com assets-global.website-files.com
2 nexhealth.info 2 redirects
1 d3e54v103j8qbb.cloudfront.net login-page-iframe.nexhealth.com
1 fonts.gstatic.com fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 login-page-iframe.nexhealth.com auth.nexhealth.com
1 learn.microsoft.com auth.nexhealth.com
1 fonts.googleapis.com auth.nexhealth.com
1 www.googletagmanager.com auth.nexhealth.com
22 11

This site contains no links.

Subject Issuer Validity Valid
nexhealth.com
Cloudflare Inc ECC CA-3		 2024-02-08 -
2024-12-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
learn.microsoft.com
Microsoft Azure ECC TLS Issuing CA 08		 2024-01-30 -
2025-01-24		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.website-files.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh

This page contains 2 frames:

Primary Page: https://auth.nexhealth.com/login
Frame ID: B05860BEF525254573D8EC498A71247C
Requests: 13 HTTP requests in this frame

Frame: https://login-page-iframe.nexhealth.com/
Frame ID: DC79EF50B7BCFFA96F5940C344762C60
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to NexHealth

Page URL History Show full URLs

  1. http://nexhealth.info/ HTTP 307
    https://nexhealth.info/ HTTP 301
    https://nexhealth.info/login HTTP 301
    https://auth.nexhealth.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-controller
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

100 %
HTTPS

73 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

694 kB
Transfer

1555 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nexhealth.info/ HTTP 307
    https://nexhealth.info/ HTTP 301
    https://nexhealth.info/login HTTP 301
    https://auth.nexhealth.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
auth.nexhealth.com/
Redirect Chain
  • http://nexhealth.info/
  • https://nexhealth.info/
  • https://nexhealth.info/login
  • https://auth.nexhealth.com/login
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
535c77e0464fbaa625d265861c68736b31fb412e5e24242ede2f93164e3e02e4
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86de34f29d3c3814-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2024 04:51:58 GMT
link
</vite/assets/auth.978a7fb7.js>; rel=modulepreload; as=script; crossorigin=anonymous; nopush,</vite/assets/auth.0637b61b.css>; rel=preload; as=style; nopush
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
409d88b3-8615-4e2a-a71a-97aa7ef787ac
x-runtime
0.013636
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
86de34f13ac01a49-FRA
content-type
text/html
date
Tue, 02 Apr 2024 04:51:58 GMT
location
https://auth.nexhealth.com/login
server
cloudflare
status
301 Moved Permanently
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Origin, Accept-Encoding
x-request-id
b4cb93cc-1233-471d-b10b-d456b2922500
x-runtime
0.000822
auth.978a7fb7.js
auth.nexhealth.com/vite/assets/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/vite/assets/auth.978a7fb7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02de40b522f39aa8e1cc7793e1ca24f13806fe3757a8ff0021d91087f93308f0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin
https://auth.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:21:53 GMT
server
cloudflare
etag
W/"660b3381-1d83"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
86de34f39dde3814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:58 GMT
auth.0637b61b.css
auth.nexhealth.com/vite/assets/ 		64 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/vite/assets/auth.0637b61b.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0637b61bab10240f89e93419c3c57ae26e9068df0ae09746dbe1966ebbf94f89

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:21:53 GMT
server
cloudflare
etag
W/"660b3381-10110"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=86400
cf-ray
86de34f39ddc3814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:58 GMT
js
www.googletagmanager.com/gtag/ 		291 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5CYZDPHVFB
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d70c40331c2ec33bf539a0c62ed658c541a1a62b6c3b53882c115dde03ab27dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99557
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Apr 2024 04:51:58 GMT
css2
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Apr 2024 03:30:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Apr 2024 04:51:58 GMT
turbo_modal_controller.5ccace04.js
auth.nexhealth.com/vite/assets/ 		178 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/vite/assets/turbo_modal_controller.5ccace04.js
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c55a1f94d6294e2f2963eb3141374e0b7270d78c3c60cdd34844ee44c64aa04

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
Origin
https://auth.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:59 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:21:53 GMT
server
cloudflare
etag
W/"660b3381-2c8c8"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
86de34f39ddf3814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:59 GMT
index.bef0cda0.js
auth.nexhealth.com/vite/assets/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/vite/assets/index.bef0cda0.js
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55dedb488129977920bdb03518ff5669484cf93f695b0672bcafa31be14f689b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
Origin
https://auth.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:21:53 GMT
server
cloudflare
etag
W/"660b3381-a656"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
86de34f39de03814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:58 GMT
isSymbol.d5b580a6.js
auth.nexhealth.com/vite/assets/ 		1 KB
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/vite/assets/isSymbol.d5b580a6.js
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abaa91574b6fac3d2cff2d625ff713cb81357ad29ac23d246b306e58ef1879ba

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
Origin
https://auth.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:21:53 GMT
server
cloudflare
etag
W/"660b3381-45e"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=86400
cf-ray
86de34f3ade13814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:58 GMT
logo.svg
auth.nexhealth.com/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://auth.nexhealth.com/images/logo.svg
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb22014580305a4ab6d6c6788b5784d76175aa3698940a2a5e17fb73243199b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:20:34 GMT
server
cloudflare
etag
W/"660b3332-753"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
86de34f3ade33814-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 03 Apr 2024 04:51:58 GMT
ms-symbollockup_mssymbol_19.png
learn.microsoft.com/en-us/entra/identity-platform/media/howto-add-branding-in-apps/ 		162 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://learn.microsoft.com/en-us/entra/identity-platform/media/howto-add-branding-in-apps/ms-symbollockup_mssymbol_19.png
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.98.139 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-98-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:51:59 GMT
akamai-cache-status
RefreshHit from child, RefreshHit from parent
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.01,"failure_fraction":1.0}
content-length
162
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-rendering-stack
Static
request-context
appId=cid-v1:8f3babe3-1612-4642-87ca-e9e867ad0935
last-modified
Mon, 16 Oct 2023 20:55:46 GMT
x-datacenter
eus
etag
"0x8DBCE8A45393B44"
x-frame-options
SAMEORIGIN
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://mdec.nelreports.net/api/report?cat=mdocs"}]}
content-type
image/png
x-azure-ref
0r/1AZQAAAABlym5BFiYHRYBO0K+rSJyYQU1TMDRFREdFMTgxNAA3MTY4OTIwZS05ZjViLTRhNjItYjE2ZS1kNWJlNjNjZTYxZTc=
cache-control
public, max-age=1800
expires
Tue, 02 Apr 2024 05:21:59 GMT
/
login-page-iframe.nexhealth.com/ Frame DC79 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login-page-iframe.nexhealth.com/
Requested by
Host: auth.nexhealth.com
URL: https://auth.nexhealth.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.214 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d9057a47df6fad95e0d221ac0fbb5f8f431ce55899750e5196d3d6631ebc0a

Request headers

Referer
https://auth.nexhealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
0
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86de34f3efe791e9-FRA
content-encoding
br
content-type
text/html
date
Tue, 02 Apr 2024 04:51:59 GMT
server
cloudflare
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-lambda-id
0a28238c-fbac-42b7-a510-2da2317a2d24
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1712033519.726855,VS0,VE950
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5CYZDPHVFB&gtm=45je4410v9138574758za200&_p=1712033518652&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=685410468.1712033519&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712033518&sct=1&seg=0&dl=https%3A%2F%2Fauth.nexhealth.com%2Flogin&dt=Log%20in%20to%20NexHealth&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=742
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5CYZDPHVFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Apr 2024 04:51:58 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://auth.nexhealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://auth.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 15:53:06 GMT
x-content-type-options
nosniff
age
219532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Mar 2025 15:53:06 GMT
nh-login-screen.626a4e475.min.css
assets-global.website-files.com/64db882c477fbd854f5064f4/css/ Frame DC79 		60 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/64db882c477fbd854f5064f4/css/nh-login-screen.626a4e475.min.css
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c44c75cb75265050164b5a713408cea008d29b377e5f920d0cbd12cea574ec9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:52:01 GMT
content-encoding
gzip
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-version-id
6Njk9uz5Ee7vxcJ40uon_Mnyca4VZOqY
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
13263
last-modified
Thu, 21 Mar 2024 18:36:32 GMT
server
AmazonS3
etag
"4fc1015c73407fed05aa1946638ac9d5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
Kqr4Z1GvyOK3-aYj97cOy0LAtzMkV_eyWBvkcGTi0dEoM3kveKcaZg==
65720a304ba4516ea059e6fe_Med%20Alerts%20Updated-p-500.png
assets-global.website-files.com/64db882c477fbd854f5064f4/ Frame DC79 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/64db882c477fbd854f5064f4/65720a304ba4516ea059e6fe_Med%20Alerts%20Updated-p-500.png
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a49d35512cecf90cc240a58b4997c9eeb8ffdf4022bb2a1b7573f75f9a57e828

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Jan 2024 08:48:20 GMT
x-amz-version-id
KJ0Bd77QMaXJi59J2n_V0vFQBHZknC9e
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
age
6033819
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
102103
last-modified
Thu, 07 Dec 2023 18:08:52 GMT
server
AmazonS3
etag
"d0a84feb95e315d1efbe707118642f9f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
LCXyBG3uWfLFXzlKbmzERWW3PoWRT91Iem7A5mZvza8acpzeMuyeAA==
65b14ba104a71d0ebe33f4e7_state-of-dental-book-p-500.jpg
assets-global.website-files.com/64db882c477fbd854f5064f4/ Frame DC79 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/64db882c477fbd854f5064f4/65b14ba104a71d0ebe33f4e7_state-of-dental-book-p-500.jpg
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b795b817a5ac329b7ff3ed13c43676a1e1b13b40396ddb5189f8229fc97c3d52

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Jan 2024 18:01:34 GMT
x-amz-version-id
6FXVKsK830hvyKLtipfIyV7naEORvQr0
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
age
5914226
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31426
last-modified
Wed, 24 Jan 2024 17:40:51 GMT
server
AmazonS3
etag
"32c49c6fd82d8e1a282e738199858297"
content-type
image/jpg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
sKYVGpd0C0ChfLfFMdgFWrl22ulj10_Lx6pXV1w8eVO88A3leBdrFA==
65e8a7096cbcbd78b1cc963c_spring-release-calendar-p-800.png
assets-global.website-files.com/64db882c477fbd854f5064f4/ Frame DC79 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/64db882c477fbd854f5064f4/65e8a7096cbcbd78b1cc963c_spring-release-calendar-p-800.png
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
475d29b5cf83e1de27329b88bd591ccff03ed123a6b551832bad16c809a72eb9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 06 Mar 2024 19:11:22 GMT
x-amz-version-id
CrBEPvbUOaNl512G2ZmvnJ8NKe2Vzj61
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
age
2281238
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
43922
last-modified
Wed, 06 Mar 2024 17:25:31 GMT
server
AmazonS3
etag
"e7fb04587f4d88ab35a6baa8a2d7bf92"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
PNwWNeNqknyvksdZL4v24RhgNNKP-IhjPDrBsifbBtiFKr2_sdUwqg==
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ Frame DC79 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=64db882c477fbd854f5064f4
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.20.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-20-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
Origin
https://login-page-iframe.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 03:46:22 GMT
content-encoding
br
via
1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
age
3938
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
JOokp01twszQibQo8r3tbZp4H7YVr5aq-OhBxDO7TzByIxvlbdjL9Q==
nh-login-screen.7e2877a91.js
assets-global.website-files.com/64db882c477fbd854f5064f4/js/ Frame DC79 		172 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/64db882c477fbd854f5064f4/js/nh-login-screen.7e2877a91.js
Requested by
Host: login-page-iframe.nexhealth.com
URL: https://login-page-iframe.nexhealth.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:c400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a16a205c513353955d8fddd3af41fdea3b339e67b72c0fd80c65d25efd87d9a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login-page-iframe.nexhealth.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Vnq6oTI288NlM8KqpDCd0nm2YXq1q.so
content-encoding
gzip
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
date
Mon, 01 Apr 2024 16:11:18 GMT
age
45642
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
65566
last-modified
Thu, 21 Mar 2024 18:36:32 GMT
server
AmazonS3
etag
"7b65853b61429df4790fc71d62a1b200"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
xg5CM8IJL1gckR7mfvBS2bg4f12RvHizAy6H4sJuZFMpxGmiy1a8Kw==
65086862cd29110d53d58143_TT%20Hoves%20Pro%20DemiBold.ttf
assets.website-files.com/64db882c477fbd854f5064f4/ Frame DC79 		195 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/64db882c477fbd854f5064f4/65086862cd29110d53d58143_TT%20Hoves%20Pro%20DemiBold.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/64db882c477fbd854f5064f4/css/nh-login-screen.626a4e475.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f200:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbd940019a582bd0e115e232a81c59adff297b29ec96b1947a53398d2dfb8690

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://login-page-iframe.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 13:29:35 GMT
x-amz-version-id
__jlB82ZBWi7JTWb_wRtkjKka_jpUdcs
content-encoding
br
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
age
55346
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 18 Sep 2023 15:10:28 GMT
server
AmazonS3
etag
W/"979cd383feb46d5cb6e43c99ba004ca7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
NsjC2B-e7ZyXdHy10Ec4P6hUA_50EMtalD5NpyCzaRfDgc7QEjhNdw==
65086862fbc88f5200274b03_TT%20Hoves%20Pro%20Medium.ttf
assets.website-files.com/64db882c477fbd854f5064f4/ Frame DC79 		195 KB
89 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/64db882c477fbd854f5064f4/65086862fbc88f5200274b03_TT%20Hoves%20Pro%20Medium.ttf
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/64db882c477fbd854f5064f4/css/nh-login-screen.626a4e475.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:f200:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6420d10bd7bc29966fcc34a2bb4ad07a787aa647ae6650576898701a6326f16

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://assets-global.website-files.com/
Origin
https://login-page-iframe.nexhealth.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 13:39:02 GMT
x-amz-version-id
2f5YPxE.ZmywnSjmNO5S9kRr0QkBH.0M
content-encoding
br
via
1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront)
age
54779
x-amz-cf-pop
FRA60-P9
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Mon, 18 Sep 2023 15:10:27 GMT
server
AmazonS3
etag
W/"add7fb9aa8c3e27949bedef0aaf27397"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
NNzNz_NfmdL9tHAZY6Q_cclryQlo_8JcUrbK42OFtrEeUxL5x9S39A==
favicon-32x32.png
auth.nexhealth.com/images/ 		455 B
703 B 		Other
General
Check archive.org
Download Go to
Full URL
https://auth.nexhealth.com/images/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.214 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e0f4bc0ed907e86dde5aa3304f9a512b3467879f8a64a42b43eca2aa2591413

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://auth.nexhealth.com/login
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:52:00 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 01 Apr 2024 22:20:34 GMT
server
cloudflare
etag
"660b3332-1c7"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
86de34fe3dbc193f-FRA
alt-svc
h3=":443"; ma=86400
content-length
455
expires
Wed, 03 Apr 2024 04:52:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| flatpickr

5 Cookies

Domain/Path Name / Value
.nexhealth.info/ Name: __cf_bm
Value: mdd2kBj4EMsTrwCcY7wb5HgqoHulTLevHf5LHQWDXmI-1712033518-1.0.1.1-3JyI7_J1GXuk49YZIC.bVHEzj3tV5SCrUDQY.J.upzpeGsMUZ03RqcXM66zu836SEhGiI2uTu89qXLmn2BPm0A
auth.nexhealth.com/ Name: _nexhealth_session
Value: a46b3c8b7da1d70d4260dc44e14b7230
.nexhealth.com/ Name: _ga
Value: GA1.1.685410468.1712033519
.nexhealth.com/ Name: _ga_5CYZDPHVFB
Value: GS1.1.1712033518.1.0.1712033518.0.0.0
.nexhealth.com/ Name: __cf_bm
Value: 843bajV2KnO74aFZFNK8vsxeI4BxV.i0AFqF8Nsxq94-1712033519-1.0.1.1-Pqa3TmXWh9z0wGyQDTlj.9EP5cjP1iO8Rlfyuzyw.hh9HaC0oG7rhr54a1HiuLlOc937dUqzB4HbQgejlJJUTQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-global.website-files.com
assets.website-files.com
auth.nexhealth.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
learn.microsoft.com
login-page-iframe.nexhealth.com
nexhealth.info
region1.google-analytics.com
www.googletagmanager.com
172.64.144.214
18.244.20.109
2.18.98.139
2001:4860:4802:34::36
2600:9000:21f3:c400:12:9e5f:cac0:93a1
2600:9000:235a:f200:11:3b84:d200:93a1
2606:4700:4400::6812:288d
2606:4700:4400::ac40:90d6
2a00:1450:4001:806::200a
2a00:1450:4001:810::2003
2a00:1450:4001:830::2008
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
02de40b522f39aa8e1cc7793e1ca24f13806fe3757a8ff0021d91087f93308f0
0637b61bab10240f89e93419c3c57ae26e9068df0ae09746dbe1966ebbf94f89
1c44c75cb75265050164b5a713408cea008d29b377e5f920d0cbd12cea574ec9
1e0f4bc0ed907e86dde5aa3304f9a512b3467879f8a64a42b43eca2aa2591413
475d29b5cf83e1de27329b88bd591ccff03ed123a6b551832bad16c809a72eb9
4c55a1f94d6294e2f2963eb3141374e0b7270d78c3c60cdd34844ee44c64aa04
535c77e0464fbaa625d265861c68736b31fb412e5e24242ede2f93164e3e02e4
55dedb488129977920bdb03518ff5669484cf93f695b0672bcafa31be14f689b
5a16a205c513353955d8fddd3af41fdea3b339e67b72c0fd80c65d25efd87d9a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
a49d35512cecf90cc240a58b4997c9eeb8ffdf4022bb2a1b7573f75f9a57e828
abaa91574b6fac3d2cff2d625ff713cb81357ad29ac23d246b306e58ef1879ba
b2d9057a47df6fad95e0d221ac0fbb5f8f431ce55899750e5196d3d6631ebc0a
b795b817a5ac329b7ff3ed13c43676a1e1b13b40396ddb5189f8229fc97c3d52
bbd940019a582bd0e115e232a81c59adff297b29ec96b1947a53398d2dfb8690
cdb22014580305a4ab6d6c6788b5784d76175aa3698940a2a5e17fb73243199b
d6420d10bd7bc29966fcc34a2bb4ad07a787aa647ae6650576898701a6326f16
d70c40331c2ec33bf539a0c62ed658c541a1a62b6c3b53882c115dde03ab27dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc6ec51a0ff2a2c3314e3f98f47c75beb6ca294e70569cdc457a05fe7028d8d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d