urlscan.io logo urlscan.io
SecurityTrails logo

ec.hep2go.com Open in urlscan Pro
131.153.152.211  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hep2go.com/
Effective URL: https://ec.hep2go.com/
Submission: On October 22 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 17 HTTP transactions. The main IP is 131.153.152.211, located in United States and belongs to SS-ATL, US. The main domain is ec.hep2go.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on March 9th 2024. Valid for: a year.
This is the only time ec.hep2go.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    174.138.160.75 (Phoenix, United States)

ASN20454 (SSASN2, US)
PTR: h3026.securedservers.com
hep2go.com
www.hep2go.com
12    131.153.152.211 (United States)

ASN11572 (SS-ATL, US)
PTR: bwh7750.bwhserver.com
ec.hep2go.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
15 hep2go.com
hep2go.com — Cisco Umbrella Rank: 84269
www.hep2go.com — Cisco Umbrella Rank: 87629
ec.hep2go.com
443 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3643
22 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
96 KB
17 3
Domain Requested by
12 ec.hep2go.com ec.hep2go.com
2 www.google-analytics.com ec.hep2go.com
www.google-analytics.com
2 www.hep2go.com 1 redirects ec.hep2go.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 hep2go.com 1 redirects
17 6

This site contains links to these domains. Also see Links.

Domain
www.hep2go.com
Subject Issuer Validity Valid
*.hep2go.com
Go Daddy Secure Certificate Authority - G2		 2024-03-09 -
2025-03-11		 a year crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
hep2go.com
Go Daddy Secure Certificate Authority - G2		 2024-01-05 -
2025-02-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ec.hep2go.com/
Frame ID: 94B38422C2112281DCB78A2F40FF8860
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HEP2go - Online Home Exercise Program - Rehab - Physical Therapy, Occupational Therapy, Physical therapist, Occupational Therapist, Therapeutic Exercises, HEP

Page URL History Show full URLs

  1. https://hep2go.com/ HTTP 301
    https://www.hep2go.com/ HTTP 302
    https://ec.hep2go.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

6
Subdomains

5
IPs

2
Countries

560 kB
Transfer

762 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hep2go.com/ HTTP 301
    https://www.hep2go.com/ HTTP 302
    https://ec.hep2go.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ec.hep2go.com/
Redirect Chain
  • https://hep2go.com/
  • https://www.hep2go.com/
  • https://ec.hep2go.com/
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
172b62a2c15f6459ca1f49d5641210ed05e1dda9a6703d3f72fdea212d0f0dfe
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Oct 2024 21:15:35 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Type
text/html
Date
Tue, 22 Oct 2024 21:15:35 GMT
Keep-Alive
timeout=5, max=100
Location
https://ec.hep2go.com/
Server
Apache
Transfer-Encoding
chunked
jquery-1.11.3.min.js
ec.hep2go.com/javascript/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/javascript/jquery-1.11.3.min.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"55e92169-176d5"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
95957
Date
Tue, 22 Oct 2024 21:15:35 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Fri, 04 Sep 2015 04:43:21 GMT
Server
nginx/1.18.0 (Ubuntu)
user_ref.001.js
ec.hep2go.com/javascript/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/javascript/user_ref.001.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f65a676b9f0fdd85562a52d1a4c0f77b3b4bd6aacf3d8e64bb5d986aa7656c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"642b56b5-201f"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
8223
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Mon, 03 Apr 2023 22:44:05 GMT
Server
nginx/1.18.0 (Ubuntu)
obj.js
ec.hep2go.com/include/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/include/obj.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8fefa0f6226cb29f648c2d7e6a24d7a347480ca20b789186842d77e3d66d299a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"5bf5e139-231a"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
8986
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Wed, 21 Nov 2018 22:50:33 GMT
Server
nginx/1.18.0 (Ubuntu)
cart.001.js
ec.hep2go.com/javascript/ 		40 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/javascript/cart.001.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
752960d808c170c149608d1015c54cefca5cdd2af8f663b199f95fed51d78fd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"64232b03-9e18"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
40472
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Tue, 28 Mar 2023 17:59:31 GMT
Server
nginx/1.18.0 (Ubuntu)
scripts.002.js
ec.hep2go.com/javascript/ 		20 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/javascript/scripts.002.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5422e23654bf2dc270c91128fbd11f67d33257af2683240dbf5a6840f44d32d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"5fde9b09-5025"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
20517
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
application/javascript
Last-Modified
Sun, 20 Dec 2020 00:30:01 GMT
Server
nginx/1.18.0 (Ubuntu)
try-it-out-over-3.jpg
ec.hep2go.com/images/ 		228 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ec.hep2go.com/images/try-it-out-over-3.jpg
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8def32176a05a2889f906391499132a0d869c0a9421fc4da5be59b2fd6996304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"623caa6e-3907e"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
233598
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/jpeg
Last-Modified
Thu, 24 Mar 2022 17:29:18 GMT
Server
nginx/1.18.0 (Ubuntu)
log-in-index.jpg
ec.hep2go.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ec.hep2go.com/images/log-in-index.jpg
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fde5c7bb7e7027e5edc43a275e53059eaab19bba01060ebe81f0ca251a4afb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"59a89faf-b0b"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
2827
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/jpeg
Last-Modified
Thu, 31 Aug 2017 23:45:51 GMT
Server
nginx/1.18.0 (Ubuntu)
sign-up-index.jpg
ec.hep2go.com/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ec.hep2go.com/images/sign-up-index.jpg
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52f2e94a2a70b234e5ef5f5a17cea036f757a7090a00c955f2df5074330a7c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"59a89fb2-3ff9"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
16377
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/jpeg
Last-Modified
Thu, 31 Aug 2017 23:45:54 GMT
Server
nginx/1.18.0 (Ubuntu)
logout_get_id.php
ec.hep2go.com/ajax/ 		47 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/ajax/logout_get_id.php?userRef=gciaake
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/javascript/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5724c65ee69a18c99cbc2253b85b37139e4e7003bf11375123f815ff473b8a12
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ec.hep2go.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Date
Tue, 22 Oct 2024 21:15:36 GMT
Content-Type
text/html; charset=UTF-8
Server
nginx/1.18.0 (Ubuntu)
X-Frame-Options
SAMEORIGIN
progress.gif
ec.hep2go.com/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ec.hep2go.com/images/progress.gif
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f76ac5ec61361d5c9a9963ac3170eeff796dd2e590bb7786ad9c86be77b658a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"611dafef-2c87"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
11399
Date
Tue, 22 Oct 2024 21:15:36 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/gif
Last-Modified
Thu, 19 Aug 2021 01:12:15 GMT
Server
nginx/1.18.0 (Ubuntu)
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

content-encoding
gzip
age
6327
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 19:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
ur_get_user_name_ec.php
www.hep2go.com/ajax/ 		54 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hep2go.com/ajax/ur_get_user_name_ec.php
Requested by
Host: ec.hep2go.com
URL: https://ec.hep2go.com/javascript/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.138.160.75 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
h3026.securedservers.com
Software
Apache /
Resource Hash
07928fb03f38d342a06880ae5701b1772a2d89c5f0e5fe3f13c61c0676f202d0

Request headers

Referer
https://ec.hep2go.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Transfer-Encoding
chunked
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Connection
Keep-Alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Keep-Alive
timeout=5, max=100
Date
Tue, 22 Oct 2024 21:15:36 GMT
Content-Type
application/javascript
Server
Apache
collect
www.google-analytics.com/j/ 		15 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1720035991&t=pageview&_s=1&dl=https%3A%2F%2Fec.hep2go.com%2F&ul=de-de&de=UTF-8&dt=HEP2go%20-%20Online%20Home%20Exercise%20Program%20-%20Rehab%20-%20Physical%20Therapy%2C%20Occupational%20Therapy%2C%20Physical%20therapist%2C%20Occupational%20Therapist%2C%20Therapeutic%20Exercises%2C%20HEP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=368746513&gjid=1346134598&cid=1558514800.1729631737&tid=UA-44212121-1&_gid=1907392252.1729631737&_r=1&_slc=1&z=1494261907
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1860b66a7b7385c51dd58da95a989bb4aee2f0032b9a3ab1b0885facc7d3117b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://ec.hep2go.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:15:36 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://ec.hep2go.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/ 		272 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WMZXJKTR1T&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fd0081ec1b657882bd111437cfe7af24ed236127ec8adc69012cce0f757a4945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 22 Oct 2024 21:15:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:15:36 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98093
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WMZXJKTR1T&gtm=45je4ah0v9135314261za200&_p=1729631736747&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101686685~101794736~101823847~101836706&ul=de-de&sr=1600x1200&cid=1558514800.1729631737&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fec.hep2go.com%2F&dt=HEP2go%20-%20Online%20Home%20Exercise%20Program%20-%20Rehab%20-%20Physical%20Therapy%2C%20Occupational%20Therapy%2C%20Physical%20therapist%2C%20Occupational%20Therapist%2C%20Therapeutic%20Exercises%2C%20HEP&sid=1729631736&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2623
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WMZXJKTR1T&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://ec.hep2go.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 21:15:37 GMT
content-type
text/plain
server
Golfe2
favicon.ico
ec.hep2go.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ec.hep2go.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
131.153.152.211 , United States, ASN11572 (SS-ATL, US),
Reverse DNS
bwh7750.bwhserver.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
687efd36ee769aaa5e43958fc8052b7c4981b4001caf3785558525c40e2da52a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://ec.hep2go.com/

Response headers

ETag
"50bde84f-47e"
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
1150
Date
Tue, 22 Oct 2024 21:15:37 GMT
X-XSS-Protection
1; mode=block
Content-Type
image/x-icon
Last-Modified
Tue, 04 Dec 2012 12:10:55 GMT
Server
nginx/1.18.0 (Ubuntu)

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery boolean| urInitialized string| userRef string| GSERVER string| GSERVER_SSL string| GHOST string| h2g string| GSERVER_CUR string| pageUrl string| pageProtocol function| urInit function| urDoInit function| urCheckA function| urCheckImg function| urCheckForm function| urGetImgUrl function| urCheckUrl function| urCheckHost function| urGetJsUrl function| urCheckQuery function| urCheckQuery0 function| getUserRef function| urShowTitle function| urShowTitleSuccess function| urShowTitleError function| urAddEvent function| userIdToUserRef function| oriAjax number| logoutTime number| logoutTimeSyncDiff object| oriTime number| logoutInitSecs number| logoutBackendInitSecs number| steps function| recordActivity function| checkLogoutCounter function| logoutBackendUpdate function| logoutBackendUpdateSuccess function| logoutBackendUpdateError function| logoutReset function| logoutGetId function| logoutGetIdSuccess function| logoutAllSuccess function| logoutAllError function| incrementCounters function| getSecs function| doLogout function| exampleObj function| objFromJson function| objToJson function| objEncode function| arrayEncode function| objDecode function| arrayDecode function| rawUrlEncode function| rawUrlDecode function| isArray function| objAddNewLines function| objAddNewLinesArray string| sPath string| GDOMAIN string| GCOOKIE_DOMAIN string| GCOOKIE_PATH object| excDefault object| imgProgress object| urlIgnore function| checkUrl function| parseUri object| ex_custom function| fetch_user function| element_visible function| update_login_status function| logout function| valid_website function| valid_email_id function| validate_invite_form function| save_print_page function| update_print_page function| previous_url function| add_favourite function| reset_exercise function| save_ex_user_custom function| show_ex_user_custom function| ajaxObject function| search_page function| showMyPrintPage function| selectOptionsExc function| excRecord function| ex_params function| popup_dialog function| close_dialog function| add_more_exercises function| close_routine function| addExercise function| elementLeftTop function| popup_url function| popup_private_ex_message function| show_ex_description function| close_ex_description function| saveExForPosting function| reset function| printNotice function| closeNotice function| selectOptions function| getElementValue function| setElementValue function| showProgress function| hideProgress function| hideProgress_1 function| elementText function| setElementText function| setCookie function| getCookie function| urlAbsolute function| rootDir function| splitUrl function| readExcDefault function| isPrintCard function| addEvent function| setSearchPage function| updateCancelLink function| url_param_string function| url_param function| set_url_param function| textfield_keypress function| elementInnerText function| nonNull function| serverResponse function| stringsMatch function| submit_form function| ignore_url function| trim function| inQuotes function| ensureElementValue function| strings_match function| _form function| submit_membership_form function| submit_login_form function| submit_forgot_password_form function| submit_new_routine_form function| submit_update_profile_form function| deactivate_account function| activate_profile_edit function| submit_user_newexercise_form function| delete_user_routine function| delete_custom_ex function| fetch_url_ajax function| updated_exercises function| exercise_updated_row function| radio_value function| show_info function| replaceAll function| chkPass function| checkPasswordStrength string| GoogleAnalyticsObject function| ga function| indexInit function| getUsers function| getUsersSuccess function| showUsers function| hideUsers function| showUser function| MM_preloadImages function| MM_swapImgRestore function| MM_findObj function| MM_swapImage object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

5 Cookies

Domain/Path Name / Value
.hep2go.com/ Name: PHPSESSID
Value: oej1cv24cbjt8bnqgi42qc2j1g
.hep2go.com/ Name: _ga
Value: GA1.2.1558514800.1729631737
.hep2go.com/ Name: _gid
Value: GA1.2.1907392252.1729631737
.hep2go.com/ Name: _gat
Value: 1
.hep2go.com/ Name: _ga_WMZXJKTR1T
Value: GS1.2.1729631736.1.0.1729631736.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN