prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
3.215.63.58  Public Scan

URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Submission: On December 13 via automatic, source certstream-suspicious — Scanned from ES

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 3.215.63.58, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com.
TLS certificate: Issued by R11 on December 13th 2024. Valid for: 3 months.
This is the only time prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
7 | 3.215.63.58 | 14618 (AMAZON-AES)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
3 | 172.64.151.99 | 13335 (CLOUDFLAR...)
1 | 34.117.39.58 | 396982 (GOOGLE-CL...)
1 | 66.226.1.69 | 7296 (AS7296)
Total: 14 requests, 6 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | herokuapp.com | prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com | 288 KB
3 | beverlyhillsmd.com | cdn.beverlyhillsmd.com (Cisco Umbrella Rank: 940121) | 70 KB
2 | upsellit.com | www.upsellit.com (Cisco Umbrella Rank: 10818), app.upsellit.com (Cisco Umbrella Rank: 21080) | 23 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 811 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 145 KB
Total: 14 requests, 5 apex domains

Requests | Domain | Requested by
7 | prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com | prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
3 | cdn.beverlyhillsmd.com | prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
1 | app.upsellit.com | www.upsellit.com
1 | www.upsellit.com | www.googletagmanager.com
1 | fonts.googleapis.com | client
1 | www.googletagmanager.com | prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
Total: 14 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com | R11 | 2024-12-13 - 2025-03-13 | 3 months
*.google-analytics.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
upload.video.google.com | WR2 | 2024-11-04 - 2025-01-27 | 3 months
beverlyhillsmd.com | WE1 | 2024-11-25 - 2025-02-23 | 3 months
*.upsellit.com | RapidSSL TLS RSA CA G1 | 2024-09-10 - 2025-10-03 | a year

This page contains 1 frame:

Primary Page: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Frame ID: 258DD9CB255669223A77EFEC4F9B2EDD
Requests: 14 HTTP requests in this frame

Page Title

BHMD

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.herokuapp\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 33 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 527 kB
Size: 2115 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
4 KB
2 KB
Document
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8c493cc807135553e9b4b6bdd8b6a96223138cfe940ff802fbf4be8fbfafbcf0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Content-Encoding
gzip
Content-Length
1489
Content-Type
text/html; charset=UTF-8
Date
Fri, 13 Dec 2024 23:03:00 GMT
Etag
W/"fb6-193c23ad1d8"
Last-Modified
Fri, 13 Dec 2024 22:54:15 GMT
Vary
Accept-Encoding
Via
1.1 spaces-router (3ec5bdba973c)
X-Powered-By
Express
runtime.ab7e5cdad80624d2.js
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
7 KB
4 KB
Script
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/runtime.ab7e5cdad80624d2.js
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1e4e2b7e165447be4e531517d0cb7961127d5927cb896808a94920386e5db535

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
Etag
W/"1c59-193c23ac620"
Via
1.1 spaces-router (3ec5bdba973c)
Accept-Ranges
bytes
Date
Fri, 13 Dec 2024 23:03:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Fri, 13 Dec 2024 22:54:12 GMT
Vary
Accept-Encoding
X-Powered-By
Express
polyfills.adb49a9d15ccfb31.js
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
33 KB
12 KB
Script
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/polyfills.adb49a9d15ccfb31.js
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f841b7c20828f69112f8957157903dcd54fa789949d8812e567155fd366ba42d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
Etag
W/"856b-193c23ac620"
Via
1.1 spaces-router (3ec5bdba973c)
Accept-Ranges
bytes
Date
Fri, 13 Dec 2024 23:03:00 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Fri, 13 Dec 2024 22:54:12 GMT
Vary
Accept-Encoding
X-Powered-By
Express
main.31b8d8210337cfa4.js
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
1 MB
242 KB
Script
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/main.31b8d8210337cfa4.js
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
cde09c3da8cc1354939a203af3069adb70c5a2b06c52ec206fd0b61adccdf313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
Etag
W/"10f8b5-193c23ac620"
Via
1.1 spaces-router (3ec5bdba973c)
Accept-Ranges
bytes
Date
Fri, 13 Dec 2024 23:03:01 GMT
Content-Type
application/javascript; charset=UTF-8
Last-Modified
Fri, 13 Dec 2024 22:54:12 GMT
Vary
Accept-Encoding
X-Powered-By
Express
gtm.js
www.googletagmanager.com/
631 KB
145 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NHMV223
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f4395a15021fb13fa7b9ae4ce5db3906ac21f7b5b4dc6ee0a51ea548a44ae988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

content-encoding
gzip
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 13 Dec 2024 23:03:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 23:03:01 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 13 Dec 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
147804
x-xss-protection
0
server
Google Tag Manager
icon
fonts.googleapis.com/
569 B
811 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 23:03:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Dec 2024 23:03:00 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 13 Dec 2024 23:03:00 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
styles.edfc7ffa92458ed0.css
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
182 KB
27 KB
Stylesheet
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/styles.edfc7ffa92458ed0.css
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
2870c3e2f0e0738709d29aec2e649c8bb878c0a78229f0f2011468b19ad03281

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
public, max-age=0
Content-Encoding
gzip
Etag
W/"2d9ad-193c23ac620"
Via
1.1 spaces-router (3ec5bdba973c)
Accept-Ranges
bytes
Date
Fri, 13 Dec 2024 23:03:01 GMT
Content-Type
text/css; charset=UTF-8
Last-Modified
Fri, 13 Dec 2024 22:54:12 GMT
Vary
Accept-Encoding
X-Powered-By
Express
LibreFranklin-Regular.ttf
cdn.beverlyhillsmd.com/fonts/
62 KB
63 KB
Font
General
Full URL
https://cdn.beverlyhillsmd.com/fonts/LibreFranklin-Regular.ttf
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.99 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21eb64242c251db432f31f2d95fbcc1747ab4ce64291c37c027489b2502ae40d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

cf-cache-status
HIT
etag
"15f42f5f23db86379c72360ab3a57fed"
x-amz-version-id
null
access-control-allow-methods
GET
expires
Sat, 14 Dec 2024 00:03:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 13 Dec 2024 23:03:01 GMT
content-type
binary/octet-stream
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 24 Aug 2023 14:50:11 GMT
x-amz-id-2
fQJu7ACQH4snmmmbVxfA/DA6HHZWkoy0rWfdQbL+fitXBYeXbXxzplxvdy3SrsMe3z/0RVQYyQEsm54ZyRB0pw==
priority
u=0,i=?0
cache-control
public, max-age=3600
x-amz-request-id
TBCWH2QV5W0Y4P09
cf-ray
8f1995c7ef0af76f-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
63524
server
cloudflare
x-amz-server-side-encryption
AES256
goldenhippo.jsp
www.upsellit.com/active/
101 KB
23 KB
Script
General
Full URL
https://www.upsellit.com/active/goldenhippo.jsp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NHMV223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.39.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.39.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
71ef7f3471f7061f57673e485625cb92c00028536035a0292ea01d41207725a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86400
content-encoding
gzip
age
50693
via
1.1 google
expires
Sat, 14 Dec 2024 08:58:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22860
date
Fri, 13 Dec 2024 08:58:08 GMT
content-type
application/x-javascript;charset=ISO-8859-1
vary
Accept-Encoding
server
nginx
session_data.jsp
app.upsellit.com/utility/
524 B
710 B
Script
General
Full URL
https://app.upsellit.com/utility/session_data.jsp?extended=false&si=xf6wtb_1734130981
Requested by
Host: www.upsellit.com
URL: https://www.upsellit.com/active/goldenhippo.jsp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.226.1.69 Canyon Country, United States, ASN7296 (AS7296, US),
Reverse DNS
Software
nginx /
Resource Hash
b130b446248696879f31ea3b836db5740c7ebb818ae837f26bd08194c440b4b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
expires
Sat, 14 Dec 2024 23:03:01 GMT
cache-control
max-age=86400
content-length
524
date
Fri, 13 Dec 2024 23:03:01 GMT
content-type
application/x-javascript;charset=ISO-8859-1
server
nginx
/
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/env/
160 B
458 B
XHR
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/env/
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/polyfills.adb49a9d15ccfb31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3a9cca1d8fcfdf61209c274e695e9ad2a1b39029a04fe248a7229944f00fc785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Cache-Control
private, no-cache, max-age = 0
Etag
W/"a0-bK9erXRQel47AYHfY/ZdOZwLS9Y"
Via
1.1 spaces-router (3ec5bdba973c)
Content-Length
160
Date
Fri, 13 Dec 2024 23:03:01 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding
X-Powered-By
Express
/
prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/env/
160 B
217 B
XHR
General
Full URL
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/env/
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/polyfills.adb49a9d15ccfb31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.215.63.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-63-58.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3a9cca1d8fcfdf61209c274e695e9ad2a1b39029a04fe248a7229944f00fc785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

Cache-Control
private, no-cache, max-age = 0
Etag
W/"a0-bK9erXRQel47AYHfY/ZdOZwLS9Y"
Via
1.1 spaces-router (3ec5bdba973c)
Content-Length
160
Date
Fri, 13 Dec 2024 23:03:01 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Express
Vary
Accept-Encoding
blue-logo.jpg
cdn.beverlyhillsmd.com/images/
6 KB
7 KB
Image
General
Full URL
https://cdn.beverlyhillsmd.com/images/blue-logo.jpg
Requested by
Host: prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com
URL: https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/?sessionid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.99 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c12fcb3e6ce212631aa5dd32636ddab16e60b861be687ee4a6e824f0599976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

cf-bgj
imgq:85,h2pri
etag
"cc799c4dbed3b17dd05e0250fac5d9e1"
x-amz-version-id
null
cf-cache-status
HIT
expires
Sat, 14 Dec 2024 00:03:02 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=11160
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 13 Dec 2024 23:03:02 GMT
content-type
image/webp
content-disposition
inline; filename="blue-logo.webp"
vary
Accept
last-modified
Fri, 18 Aug 2023 23:32:53 GMT
x-amz-id-2
YtMqII5Rd6w5ekmK5VMKJ7+9gL+PWSknNCpU9nKXd9a7GT1Qigumse7rm4ssXkRXOsESoAU4Nk8=
priority
u=3,i
cache-control
public, max-age=3600
x-amz-request-id
H6T6A42WQ0129M6N
cf-ray
8f1995cd2ccb8675-MAD
accept-ranges
bytes
content-length
6062
server
cloudflare
x-amz-server-side-encryption
AES256
favicon.ico
cdn.beverlyhillsmd.com/images/
1 KB
730 B
Other
General
Full URL
https://cdn.beverlyhillsmd.com/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.99 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef41744ac0488afbe1fe993be882c9f1f5bfd8bf22f5bbd03c5219e64de8628

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://prod-ps-prepurchase-bhmd-test-d1388f0532af.herokuapp.com/

Response headers

content-encoding
br
cf-cache-status
HIT
x-amz-version-id
null
etag
W/"46a26e3f30525862a579468e519b9102"
expires
Sat, 14 Dec 2024 00:03:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 13 Dec 2024 23:03:02 GMT
content-type
image/x-icon
last-modified
Sun, 08 Oct 2023 19:43:04 GMT
vary
Accept-Encoding
priority
u=1,i
x-amz-id-2
xOQluB/J3ImVdcnBCo5AS5L0pXJiOeaN1b0KDxg5R4oHbpnCg2F7ClErA2NRIgg1RvPLE5KTznqhG/uut6aDEQ==
cache-control
public, max-age=3600
x-amz-request-id
8HVYWCNS2STD257X
cf-ray
8f1995ceae3c8675-MAD
server
cloudflare
x-amz-server-side-encryption
AES256

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


1 Cookies

Domain/Path Name / Value
.beverlyhillsmd.com/ Name: __cf_bm
Value: G3y4UBMsBYaWzYoKkHvykMhgTB.TVtZvP2itQXQv7A0-1734130982-1.0.1.1-De9sFs.8O5zh6IKKjpibF0LzcDV_itax3JF7zodzgDDPtcBT1m3sQ5t.Bo7FfBa_8aG_52GWdIhAbFy6ixDfXw