urlscan.io logo urlscan.io
SecurityTrails logo

security.painchek.com Open in urlscan Pro
2a09:8280:1:667:634a:5608:6788:3e70  Public Scan

Go To Rescan Add Verdict Report
URL: https://security.painchek.com/
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 84 HTTP transactions. The main IP is 2a09:8280:1:667:634a:5608:6788:3e70, located in United States and belongs to FLY, US. The main domain is security.painchek.com.
TLS certificate: Issued by E5 on June 28th 2024. Valid for: 3 months.
This is the only time security.painchek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 52 2a09:8280:1:6... 40509 (FLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.27.44 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
9 99.86.8.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
84 15
52    2a09:8280:1:667:634a:5608:6788:3e70 (United States)

ASN40509 (FLY, US)
security.painchek.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.32.27.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-44.fra56.r.cloudfront.net
logo.clearbit.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o410058.ingest.sentry.io
7    2606:4700::6812:582 (United States)

ASN13335 (CLOUDFLARENET, US)
sdk-split.safebase.io
cdn-segment.safebase.io
api-segment.safebase.io
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.recaptcha.net
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
9    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)
js.userpilot.io
1    2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)
find.userpilot.io
Apex Domain
Subdomains		 Transfer
52 painchek.com
security.painchek.com
2 MB
9 segment.com
cdn.segment.com — Cisco Umbrella Rank: 3005
98 KB
7 safebase.io
sdk-split.safebase.io — Cisco Umbrella Rank: 466719
cdn-segment.safebase.io
api-segment.safebase.io
app.safebase.io Failed
35 KB
3 userpilot.io
js.userpilot.io — Cisco Umbrella Rank: 35358
find.userpilot.io — Cisco Umbrella Rank: 47838
284 KB
3 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 4178
rs.fullstory.com — Cisco Umbrella Rank: 4041
79 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
295 KB
2 recaptcha.net
www.recaptcha.net — Cisco Umbrella Rank: 1812
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
85 KB
1 sentry.io
o410058.ingest.sentry.io
299 B
1 clearbit.com
logo.clearbit.com — Cisco Umbrella Rank: 46929
9 KB
84 11
Domain Requested by
52 security.painchek.com 2 redirects security.painchek.com
9 cdn.segment.com security.painchek.com
cdn-segment.safebase.io
cdn.segment.com
4 sdk-split.safebase.io security.painchek.com
2 js.userpilot.io cdn.segment.com
js.userpilot.io
2 api-segment.safebase.io security.painchek.com
2 www.recaptcha.net security.painchek.com
www.gstatic.com
2 edge.fullstory.com security.painchek.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com security.painchek.com
1 find.userpilot.io security.painchek.com
1 www.googletagmanager.com cdn.segment.com
1 cdn-segment.safebase.io security.painchek.com
1 www.gstatic.com www.recaptcha.net
1 rs.fullstory.com security.painchek.com
1 o410058.ingest.sentry.io security.painchek.com
1 logo.clearbit.com security.painchek.com
0 app.safebase.io Failed
84 17

This site contains links to these domains. Also see Links.

Domain
painchek.com
safebase.io
Subject Issuer Validity Valid
security.painchek.com
E5		 2024-06-28 -
2024-09-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
edge.fullstory.com
WR3		 2024-08-24 -
2024-11-22		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
safebase.io
WE1		 2024-07-10 -
2024-10-08		 3 months crt.sh
misc.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
rs.fullstory.com
WR3		 2024-08-25 -
2024-11-23		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
userpilot.io
WE1		 2024-07-15 -
2024-10-13		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://security.painchek.com/
Frame ID: 066784B4F0DCEF0F0759174E4EF672DE
Requests: 78 HTTP requests in this frame

Frame: https://security.painchek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: D43532295715C149057D308504CFCE1B
Requests: 2 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfJ8wojAAAAAAWs_gKrU2jrPCTiAxkHXbwl2EId&co=aHR0cHM6Ly9zZWN1cml0eS5wYWluY2hlay5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&badge=bottomleft&cb=95lsskmzh9vo
Frame ID: 677B69141AE6846C60BAA57316E81E41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PainChek Trust Centre | Powered by SafeBase

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

84
Requests

95 %
HTTPS

64 %
IPv6

11
Domains

17
Subdomains

15
IPs

2
Countries

2723 kB
Transfer

8295 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://security.painchek.com/api/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/logo.png HTTP 307
  • https://logo.clearbit.com/painchek.com
Request Chain 48
  • https://security.painchek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://security.painchek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

84 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
security.painchek.com/ 		146 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
2507c6efd15d6e4eb3ebf8d418c1de6b875256f30e34571f2d7053ba28d1a578
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-RZnGbBX4L6KU2L6GH8hHqQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
1
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
HIT
cf-ray
8ba276b1bc190a50-AMS
content-encoding
br
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-RZnGbBX4L6KU2L6GH8hHqQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 28 Aug 2024 07:07:18 GMT
fly-request-id
01J6BWYTR7WP126RHZ79X61SKJ-fra
origin-agent-cluster
?1
referrer-policy
no-referrer,strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google, 2 fly.io
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
acc535928b385795.css
security.painchek.com/_next/static/css/ 		229 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/css/acc535928b385795.css
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
eabe1d070186dc76917efb7b52c3fa3e421003be7c88af140dae71880c9314fd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-8Ls/QH9N0tdggEdFEyFdtg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-8Ls/QH9N0tdggEdFEyFdtg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTVYKN0V1N2F7YRER6BM-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3958f-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b27cd566f0-AMS
5458cdd3c66c8be8.css
security.painchek.com/_next/static/css/ 		21 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/css/5458cdd3c66c8be8.css
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
e53a87b5bcab866622c429a5a8f2938efc4d75eb7b40f96426f899fcc74327ee
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ppw191cqhQVCVEKaaNqiHw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ppw191cqhQVCVEKaaNqiHw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTVYSVXVB53R2DBKRPBC-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"5436-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b278170e9c-AMS
2ec262ea86cf7ecc.css
security.painchek.com/_next/static/css/ 		25 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/css/2ec262ea86cf7ecc.css
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
f922ec3e091e0e50cc095ba59b0b88f759414c2b98f50aa936307c4cd514cdcd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-2lYJvjASBY7qFLYBaxL0Fw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-2lYJvjASBY7qFLYBaxL0Fw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTVY6MJAZ18HNDMCP0SJ-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"6228-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b27e711afa-AMS
webpack-3b000ff3af850b8f.js
security.painchek.com/_next/static/chunks/ 		4 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/webpack-3b000ff3af850b8f.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
433695a6a1606da71a12efdc51c1df5df1bc698b02a93a5c7ae2e1dd409e4f4a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-u6LOze1tJ5qMEXFciHOh/A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-u6LOze1tJ5qMEXFciHOh/A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWH3CFAVQ382S6192NZ-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"10cd-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b29b47669d-AMS
framework-2c15c603e130d21e.js
security.painchek.com/_next/static/chunks/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/framework-2c15c603e130d21e.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
70776cd7c783e9b2ab03dc38ca3aaa42ed8cb0fe923c153a4df57c69662824a6
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-jLVJCuMxUYqj+U+f+PJFfg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-jLVJCuMxUYqj+U+f+PJFfg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWHGCB01D8SEE0Y3TW0-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"226cc-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b29f76970d-AMS
main-8b9b0cab598388c7.js
security.painchek.com/_next/static/chunks/ 		107 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/main-8b9b0cab598388c7.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
7d638f35697ee000c384f23f81af4a331bf5960e20baae4eeb7fc46998ef9376
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-fUFSGuJ7tGQTtZ8qHgunYQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-fUFSGuJ7tGQTtZ8qHgunYQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWHMPKX2F854S5119QN-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1ab87-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b29acd06dc-AMS
_app-0b470aa4165aa182.js
security.painchek.com/_next/static/chunks/pages/ 		3 MB
895 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
a68d51bd551c3e68143c04aa6a6f868ab10d0c1ace0f090ef5886ef7718731a4
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-4mDvKHFl2vHJagu4IQu14A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-4mDvKHFl2vHJagu4IQu14A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWH63S9Q0YY67H09XAS-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2cc977-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b298e2b8f7-AMS
ec5d7cc0-1467a4d25296d78f.js
security.painchek.com/_next/static/chunks/ 		300 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/ec5d7cc0-1467a4d25296d78f.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
094dd20420b90c9fccabbb0f1fd843fadd6a505b2a697a09c168e63843464c9f
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-WGXkdZhTImn1T6Sv8XKYCQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-WGXkdZhTImn1T6Sv8XKYCQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWHZR6956GCFFYXA4ZS-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"4aee8-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b29c851afe-AMS
5140-fff4c0b56b11d1f8.js
security.painchek.com/_next/static/chunks/ 		27 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/5140-fff4c0b56b11d1f8.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
4aa48963d8eefdbac551b06d0bf4a6758f261e1e84b633cd4b6f669e6778126a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-/lrd4rZpX8JWEx7IiU+lNQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-/lrd4rZpX8JWEx7IiU+lNQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWHXZPE3K087NN4MQBQ-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"6bd4-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b29c4e665b-AMS
7610-9b1a3df5056d7938.js
security.painchek.com/_next/static/chunks/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/7610-9b1a3df5056d7938.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
563f1063f811d215295ad483e2f2f2f8fcdf69a074736e08d726aae9100a0f75
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-IdX9P8IIlEeUcYmLLtYyzQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-IdX9P8IIlEeUcYmLLtYyzQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWTQVE7AD0T0P9GG6C6-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1e18-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2aca596fa-AMS
8158-64214328da56574e.js
security.painchek.com/_next/static/chunks/ 		178 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/8158-64214328da56574e.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
099963284bd47d6e4cf88f2b4651e044ce983030c90beeca0fb417c47ee6dd38
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Cyg3ybYXDJCxn3w2ezZPlA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Cyg3ybYXDJCxn3w2ezZPlA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWT5T4CA6GKMZAKJE7K-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2c934-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ae7d6610-AMS
7172-c74bb67334bbee1b.js
security.painchek.com/_next/static/chunks/ 		10 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/7172-c74bb67334bbee1b.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
23311ce2b79f029749d0e8984a3e49cc276df2c21ca91886aafbd5235bc09c84
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ouiHRz6GC3JKLs8DSCnOuA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ouiHRz6GC3JKLs8DSCnOuA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWVVRSYC7QQN1QWZ8EF-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"26ad-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2a96066fd-AMS
3955-c62ae0392a7d1a56.js
security.painchek.com/_next/static/chunks/ 		27 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/3955-c62ae0392a7d1a56.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
37ead7a36b6176b3d91955ef84a216acf609ae60f030516ce02aa298dded5a04
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-02UapuIfbLDSgvyIPfOY5g==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-02UapuIfbLDSgvyIPfOY5g==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWV74AYMH9N8V70C1YH-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"6a1d-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2af75b790-AMS
5791-94c8f526a760f778.js
security.painchek.com/_next/static/chunks/ 		10 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/5791-94c8f526a760f778.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
adcf829f46be0e2800d59abafdc39a830ab24ec56eed2e2a372e241a1526a014
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ViRC151yp8G1ZzCfkeDROg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ViRC151yp8G1ZzCfkeDROg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWVP816ZJ80WYZJY54K-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2691-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ae46b74c-AMS
8337-040eb9fe8e4fc3b7.js
security.painchek.com/_next/static/chunks/ 		76 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/8337-040eb9fe8e4fc3b7.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
2326e822f2d40a5e367b1accea569229c40f86136adecfea73c578e621e815bd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-F92zgqXGapofvRRtsl7Rjw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-F92zgqXGapofvRRtsl7Rjw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWVPDTNHZ4PK3E8ZYDH-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"12fd1-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ab20b97a-AMS
5138-f263bbf7a499407a.js
security.painchek.com/_next/static/chunks/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/5138-f263bbf7a499407a.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
fc7a84a1254bb6db339dc2a8d9e183c5c562edbe87546432fa3bd31d64fad0f0
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-P+AKC+rN+yOilWkY81q9jQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-P+AKC+rN+yOilWkY81q9jQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWV02NP6YX05GGBPEE7-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1f08-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ac702868-AMS
1120-610ca432f8b945ad.js
security.painchek.com/_next/static/chunks/ 		11 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/1120-610ca432f8b945ad.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
5a77a5419c45c973af76b5bcc25ba9ef275045aa14bfcd81cccdd78ec080c677
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-wCxbpElQbGiIvDR5Xt5kxg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-wCxbpElQbGiIvDR5Xt5kxg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWV7P9HDT5TFWRD0Z4F-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2a36-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2abf4b73a-AMS
3221-1b54806165ad5042.js
security.painchek.com/_next/static/chunks/ 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/3221-1b54806165ad5042.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
28b9ee09a67c8f13a46f6087d6132bb267f9d9a7e4476bdd1bfe6956401f82b6
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-zO8BIF0LL/RNp4Ocvebr5w==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-zO8BIF0LL/RNp4Ocvebr5w==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWVDHYGWZYR0HGXKADQ-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"8f14-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2adfe0b54-AMS
817-2ab5444ad9ca57aa.js
security.painchek.com/_next/static/chunks/ 		21 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/817-2ab5444ad9ca57aa.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
0123c877058757fce80cbd908f145117b487b7096128fd416687c79198cd140d
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ECaAy4NocGbSqIh0SfetIA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-ECaAy4NocGbSqIh0SfetIA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWFSHT6F9EXFM18VMV-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"52b9-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2a9ed0df4-AMS
4512-27c336d4550e9f90.js
security.painchek.com/_next/static/chunks/ 		153 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/4512-27c336d4550e9f90.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
ebc72297be952f382a6e4725b630e59bdd311c3fb711d446f0a23b383c7739d4
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-9Fnn9V8YfJxe2ZAWLvn2GA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-9Fnn9V8YfJxe2ZAWLvn2GA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWQ5XHGAZKMP9VFA01-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"265f4-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ba3d6618-AMS
227-381cc4c35e2b6d03.js
security.painchek.com/_next/static/chunks/ 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/227-381cc4c35e2b6d03.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
8bf0eb4cb4307fefbb1e0ee488abb7d4e79ce4965cc6621d00586e59cd8b157d
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-j/8+CLyLVwhW9kvR6CimBA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-j/8+CLyLVwhW9kvR6CimBA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWXFE0QXC3K0Y2FZF1-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"13304-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2a8380b4e-AMS
6435-36e15541c50008dc.js
security.painchek.com/_next/static/chunks/ 		188 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/6435-36e15541c50008dc.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
deababbfd8c2928100f3a8f9bcd7ab6b4666a0d2ef625e6d7f5cad6f69ba9000
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-j3ct3lMc6Kz8mAZaiakGyg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-j3ct3lMc6Kz8mAZaiakGyg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWW30XQPTFXFJ2VGCM-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2eeda-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2af100a70-AMS
681-0659532dfb58525d.js
security.painchek.com/_next/static/chunks/ 		106 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/681-0659532dfb58525d.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
0c6a40a894621c2190c6893116e09e35bba5438eff11f7712a710575ba59a598
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Qo5m9MloAG1Qm5lILLIpRw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Qo5m9MloAG1Qm5lILLIpRw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWEDQZAE7QSX3HTMFJ-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1a6a4-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2aeb2b891-AMS
6536-5a7363dea603e98a.js
security.painchek.com/_next/static/chunks/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/6536-5a7363dea603e98a.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
15052e4b81d959b7bb5dd22a76e6015393e9836cdc61dca33e12f511614eab25
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Jiv0NFiyQW+XZ+9DBAwLMw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Jiv0NFiyQW+XZ+9DBAwLMw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWKNAFMF4VP9NGKY3F-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1df5-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2bd59775d-AMS
9689-8370b9ce22fdd10b.js
security.painchek.com/_next/static/chunks/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/9689-8370b9ce22fdd10b.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
07c7079c99b64579eb0cccd6e0141f6f747df09411c1fa0e26e46463fcbfb921
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-31946aWnbzXzrbbsyOu+yw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-31946aWnbzXzrbbsyOu+yw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWWC5F3ZTFJ2BZF4P6X-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"12416-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2b8ca4242-AMS
2183-582ca8154bfc641c.js
security.painchek.com/_next/static/chunks/ 		11 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/2183-582ca8154bfc641c.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
c5ae53132f972ba48987fb5c2e161e5e560aba0160df2ad78e84b8bd6e1891cb
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-whUGh+sWyxnyltKgIz5d+Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-whUGh+sWyxnyltKgIz5d+Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWX3M5TQNG3V785WYND-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"2aa0-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2addbb8f6-AMS
475-eac3b8535578983f.js
security.painchek.com/_next/static/chunks/ 		10 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/475-eac3b8535578983f.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
ffc0bcc3ae91f97a02fd47d1abf030d65c7274ad57c0ef36d0896bfe57f6b2e5
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-BB2NpmJehhdhBJ6Zjp7O0Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-BB2NpmJehhdhBJ6Zjp7O0Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWX2AQ60XBA0YNP850P-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"288b-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2bf9b9721-AMS
1555-d78aa3420c25b8bf.js
security.painchek.com/_next/static/chunks/ 		14 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/1555-d78aa3420c25b8bf.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
2ae3f17c2ecfb7cfc9b57ff05814b7b5756e2aba6313545ac674ae17a60e29cb
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-f3+KBi0p1QmA5ebs6MU0Xw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-f3+KBi0p1QmA5ebs6MU0Xw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWX3YBMP4JS3BDP5F5H-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3785-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2ada11ea9-AMS
2088-1608de839439a8d4.js
security.painchek.com/_next/static/chunks/ 		12 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/2088-1608de839439a8d4.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
6e77259d246446fc076a1831921969320afbf8de9155284cf1fb35710a91c6ba
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-4+unPRAQcnZX9A2laTGAXQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-4+unPRAQcnZX9A2laTGAXQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWXSW1XYTBQ1WZ419WS-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3199-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2baf00bd1-AMS
8558-120d4bf09a3b4104.js
security.painchek.com/_next/static/chunks/ 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/8558-120d4bf09a3b4104.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
dd05adfdbd8493c042e408146cbe190251f8b04e2da05adc3c180442ed6d1b5d
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-I+pN6NcyphZBK+Z8LBSpDw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-I+pN6NcyphZBK+Z8LBSpDw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWX2Z0VB8CYMM3NH702-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"12a2f-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2aa717742-AMS
1308-26d3d8afa3e434b9.js
security.painchek.com/_next/static/chunks/ 		13 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/1308-26d3d8afa3e434b9.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
99aee3d9e29b3c0b1c3c0af0dae68e423da43e2eceb095bd4c9671589a46bb80
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Z7IuF+oEMCoDJPkgBlhbBw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-Z7IuF+oEMCoDJPkgBlhbBw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTWYC48VK419BRFXZQJN-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3293-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b2a9066651-AMS
4298-81e0d0ac60d946dc.js
security.painchek.com/_next/static/chunks/ 		289 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/4298-81e0d0ac60d946dc.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
16341d7205e8963415f07e1049ad0d60d491b662950729aa77f75b28fde49a65
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-8dD36vXhA6AG6nyODwMBkw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-8dD36vXhA6AG6nyODwMBkw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTZ2XWGJC0BZWSSSBTPE-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"4820a-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b31897a009-AMS
7775-25473e0223d5c87b.js
security.painchek.com/_next/static/chunks/ 		35 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/7775-25473e0223d5c87b.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
d025e7883ea4e902685bf5eedfe0b79e5bbe2476a3f46d528d9f6520abd32293
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-0iEjKbHKnkRStqZ/vkDrmw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:18 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-0iEjKbHKnkRStqZ/vkDrmw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28519
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV192788MM3KMGACG1TV-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"8b58-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b38ffd9ff3-AMS
index-1f4ed634a4527527.js
security.painchek.com/_next/static/chunks/pages/ 		1018 B
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/chunks/pages/index-1f4ed634a4527527.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
eafaad8b9aae287f0168a78986e7c823e218cd0394b90a66b3f0ae7a1c8b1b01
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-06AaeROjoaCxsH//BrJVCw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-06AaeROjoaCxsH//BrJVCw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
age
28520
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV2TBRQ9Y2030KF7NDGC-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3fa-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-cloud-trace-context
32a8baef81acc0ed5d65d3a9dca5ce96
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b3db129f87-AMS
_buildManifest.js
security.painchek.com/_next/static/ca7a2d00faa5145e2f8cbb11c3aaa3995031d772/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/ca7a2d00faa5145e2f8cbb11c3aaa3995031d772/_buildManifest.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
3eee8281e264d99478f06df647bd84c2e2eeca27ba1aa92d077a23e3bf0a38bf
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-bC6MrGPTNr7fDi9HiVcqrA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-bC6MrGPTNr7fDi9HiVcqrA==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
via
1.1 google, 2 fly.io
age
28520
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV47Z2H5B6VWPN5SCGW3-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"1b1d-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b419c506c2-AMS
_ssgManifest.js
security.painchek.com/_next/static/ca7a2d00faa5145e2f8cbb11c3aaa3995031d772/ 		77 B
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/_next/static/ca7a2d00faa5145e2f8cbb11c3aaa3995031d772/_ssgManifest.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-+jHHSEtI+7r3GScySK48Jg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-+jHHSEtI+7r3GScySK48Jg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
age
28520
cf-cache-status
HIT
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV48903DCMKW95HVZTWC-fra
last-modified
Tue, 27 Aug 2024 17:40:36 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"4d-19194ecda20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
origin-agent-cluster
?1
x-cloud-trace-context
4a7c9d1121af8e30df16cde7ea94b72e
cache-control
public, max-age=31536000, immutable
cf-ray
8ba276b4288e0a70-AMS
css2
fonts.googleapis.com/ 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c503e30d6b6ad4530b5962b7098b4fa82c5a4f65809f85c19a375b8bff1f6145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 07:02:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:07:18 GMT
css2
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2029483cfe35323a8c60ac3e77093931cbde220ff5bd12940914b36570253d40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Aug 2024 07:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 07:07:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Aug 2024 07:07:18 GMT
painchek.com
logo.clearbit.com/
Redirect Chain
  • https://security.painchek.com/api/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/logo.png
  • https://logo.clearbit.com/painchek.com
9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logo.clearbit.com/painchek.com
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Server
13.32.27.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-44.fra56.r.cloudfront.net
Software
Clearbit /
Resource Hash
78c22f6041e358e50aecc258c01d9a2ef16a9814623d22ca3bc80d68f0d50272
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 26 Aug 2024 16:10:07 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-response-flags
-
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
Clearbit
x-amz-cf-pop
FRA56-C2
age
140232
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-id
HXLDwvyIWtpE-RJVcGwlih4009kiURluixalkIqbDtCJQTexQ8_Ryg==

Redirect headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-n3uJ8veWPjrCiyG9R/VrAg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYTVYDFC969FKACH9CD4P-fra
cross-origin-opener-policy
same-origin-allow-popups
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html
location
https://logo.clearbit.com/painchek.com
origin-agent-cluster
?1
x-cloud-trace-context
54a1f8a5c4bdec93183c94058ca1c15d
cf-ray
8ba276b279f7a017-AMS
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.painchek.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 14:47:59 GMT
x-content-type-options
nosniff
age
58760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 14:47:59 GMT
Control.svg
security.painchek.com/images/icons/ 		2 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/images/icons/Control.svg
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
4429234ca77dd06afcf9b5982e289a566f46ca99e8181afc07e7e8cf896164c8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-eLzDcgDNQC45orbjANX67Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-eLzDcgDNQC45orbjANX67Q==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6VAFPR39T67MTX5WR6-fra
last-modified
Tue, 27 Aug 2024 17:33:44 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"707-19194e690c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
8ba276b4aa4a9706-AMS
K.svg
security.painchek.com/images/icons/ 		283 B
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/images/icons/K.svg
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
e26f8d9a31fb35a72c7c813d9d5af28653d5f4ccb3e0a27f1b924cb889ca5cc8
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-uTePINts/6lSqyHuUzrQAQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-uTePINts/6lSqyHuUzrQAQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
MISS
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6V12EXPW8Z8CCPMND4-fra
last-modified
Tue, 27 Aug 2024 17:33:44 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"11b-19194e690c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
origin-agent-cluster
?1
x-cloud-trace-context
067b0dc7f4082f7b1412edbee529a781
cache-control
public, max-age=0
cf-ray
8ba276b4aa6366b0-AMS
image
security.painchek.com/_next/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/_next/image?url=%2Fimages%2Fcertifications%2Fcyber_essentials.png&w=64&q=75
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
8777b735ccf33225ea7f27684925f95a805ebbdf7c8b70bbd6631c951e336f3d
Security Headers
Name Value
Content-Security-Policy script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
script-src 'none'; frame-src 'none'; sandbox;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
x-dns-prefetch-control
off
x-nextjs-cache
STALE
content-disposition
inline; filename="cyber_essentials.webp"
content-length
1804
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6V0AMAPXW230M6J222-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
h3e3NczzMiXqfydoSSX5WoBeu998i3C71mMclR4zbz0=
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
image/webp
origin-agent-cluster
?1
x-cloud-trace-context
a0af775b288b7b7d28dfb069abee8c49
cache-control
public, max-age=60, must-revalidate
accept-ranges
bytes
cf-ray
8ba276b4ae4f66cc-AMS
gdpr.svg
security.painchek.com/images/certifications/ 		21 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/images/certifications/gdpr.svg
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
571ae5be656573ac3f9a2aed04b9fb2e5c32fd68b0fa59b0343e05396ecc43c9
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-DrjkWn5gIFs8UO6EBUfrsQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-DrjkWn5gIFs8UO6EBUfrsQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6VJQD2GHA5YRQ303KK-fra
last-modified
Tue, 27 Aug 2024 17:33:44 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"527d-19194e690c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
8ba276b4af750a77-AMS
iso.svg
security.painchek.com/images/certifications/ 		1 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/images/certifications/iso.svg
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
cca0bc6b0238341c0a48debf91085b42c4e49768bca0177b3b3cdbeb2fe5a3f2
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-LXou8z979O7K2fKlyio+wQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-LXou8z979O7K2fKlyio+wQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6WN1X3K29K398VK5MR-fra
last-modified
Tue, 27 Aug 2024 17:33:44 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"4b9-19194e690c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
8ba276b4a93a9fe8-AMS
safebase.svg
security.painchek.com/images/ 		3 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://security.painchek.com/images/safebase.svg
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
a79be783eabc8a49c2d537a1c36f4b357e934fb303db8de30f5820651c8c4bc5
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-q6OtcQbea5xbGJjU0GDhzw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-q6OtcQbea5xbGJjU0GDhzw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
MISS
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYV6WS27HR9V3FSVWHJTD-fra
last-modified
Tue, 27 Aug 2024 17:33:44 GMT
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"cfc-19194e690c0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
origin-agent-cluster
?1
cache-control
public, max-age=0
cf-ray
8ba276b4abae0e74-AMS
fs.js
edge.fullstory.com/s/ 		283 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
29f359572390a59c6a6dd92fedeb480f7ded103c7c9b3430b192e21868858aa4

Request headers

Referer
https://security.painchek.com/
Origin
https://security.painchek.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:53:49 GMT
content-encoding
br
age
810
x-guploader-uploadid
AHxI1nPR6RyutCaKWXTkmrBlhYvtV4GfnLARyY9I6a8tj-ldcU8WOaObmmhsyx3rYsqSFrJTG_E
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78063
last-modified
Thu, 22 Aug 2024 14:51:26 GMT
server
UploadServer
etag
"714fc3f73e63e40aca21bb2228596ef4"
vary
Accept-Encoding
x-goog-generation
1724338286421756
x-goog-hash
crc32c=8sCdjg==, md5=cU/D9z5j5ArKIbsiKFlu9A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
78063
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Aug 2024 07:53:49 GMT
/
o410058.ingest.sentry.io/api/5283673/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o410058.ingest.sentry.io/api/5283673/envelope/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.75.1
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 28 Aug 2024 07:07:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
main.js
security.painchek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame D435
Redirect Chain
  • https://security.painchek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://security.painchek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
00dedf9d6b9d03192f273a137d610a5abbeb8d753917622b3e10ee82eb263cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
fly-request-id
01J6BWYW1B0ZHPRV8R32J46EET-fra
via
2 fly.io
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ba276b9fdcc5c49-AMS

Redirect headers

date
Wed, 28 Aug 2024 07:07:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
2 fly.io
fly-request-id
01J6BWYVQWXHHCQ8FXRJM99MB4-fra
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8ba276b80901b95c-AMS
content-length
0
e76853ce-b8e7-471c-b5bd-d251edd857bc
https://security.painchek.com/ Frame 		0
0
7f021b4b-1827-44ff-9a60-b60fcf2f45d9
sdk-split.safebase.io/api/mySegments/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk-split.safebase.io/api/mySegments/7f021b4b-1827-44ff-9a60-b60fcf2f45d9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://security.painchek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://security.painchek.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
cf-cache-status
DYNAMIC
cf-ray
8ba276ba59fd62ea-HAM
content-length
37
date
Wed, 28 Aug 2024 07:07:20 GMT
retry-after
0
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230022-FRA
x-timer
S1724828840.104883,VS0,VE0
splitChanges
sdk-split.safebase.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk-split.safebase.io/api/splitChanges?since=-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,splitsdkversion
Access-Control-Request-Method
GET
Origin
https://security.painchek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods
GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://security.painchek.com
access-control-max-age
7200
allow
HEAD,GET,OPTIONS,POST,PUT,DELETE
cf-cache-status
DYNAMIC
cf-ray
8ba276ba59f962ea-HAM
content-length
37
date
Wed, 28 Aug 2024 07:07:20 GMT
retry-after
0
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230044-FRA
x-timer
S1724828840.104681,VS0,VE0
enterprise.js
www.recaptcha.net/recaptcha/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise.js?render=explicit&onload=onRecaptchaLoadCallback
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
51de07cad12d9408a1df8a6e67fef2e136b4384801545a7e030ea648f54067b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2024 07:07:20 GMT
7f021b4b-1827-44ff-9a60-b60fcf2f45d9
sdk-split.safebase.io/api/mySegments/ 		17 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk-split.safebase.io/api/mySegments/7f021b4b-1827-44ff-9a60-b60fcf2f45d9
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://security.painchek.com/
SplitSDKVersion
javascript-10.25.2
Authorization
Bearer sljsi19d6rruq7r9gc0nlj08da3o1t8lt9ek
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 varnish, 1.1 varnish
age
36974
x-cache
HIT, HIT
content-length
41
x-served-by
cache-iad-kjyo7100022-IAD, cache-fra-eddf8230153-FRA
server
cloudflare
x-timer
S1724828840.189902,VS0,VE93
etag
"1000002"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
trace
cache-iad-kjyo7100022-IAD-a26515c9-7552-475c-b842-8551a080b327; cache-fra-eddf8230108-FRA-b5db4a42-e682-4f71-adf0-15aa38d19128
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
cf-ray
8ba276baeb0662ea-HAM
x-cache-hits
5, 0
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://security.painchek.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:58:37 GMT
x-content-type-options
nosniff
age
61722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Aug 2025 13:58:37 GMT
splitChanges
sdk-split.safebase.io/api/ 		57 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sdk-split.safebase.io/api/splitChanges?since=-1
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c00f135f556799fca90b293de166fe51a4cdd44f02c58b94a64973e916014c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://security.painchek.com/
SplitSDKVersion
javascript-10.25.2
Authorization
Bearer sljsi19d6rruq7r9gc0nlj08da3o1t8lt9ek
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
age
55027
x-cache
HIT, HIT
content-length
3773
x-served-by
cache-iad-kcgs7200140-IAD, cache-fra-eddf8230139-FRA
last-modified
Fri, 23 Aug 2024 15:50:06 GMT
server
cloudflare
x-timer
S1724828840.182275,VS0,VE1
etag
"1724428206208"
vary
Accept-Encoding, Origin, Authorization
content-type
application/json; charset=utf-8
trace
cache-iad-kcgs7200140-IAD-f3085521-b09d-4920-930d-44ade5c4e6b0; cache-fra-eddf8230068-FRA-7f7c2a0b-1a5f-4e02-a9b8-b81a47a2ddd9
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin,X-Request-Id
cache-control
no-transform, max-age=60, s-maxage=60
accept-ranges
bytes
cf-ray
8ba276baeb0062ea-HAM
x-cache-hits
34, 1
ais
security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/kb/ 		555 B
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/kb/ais?productId=default
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
0a97514c6b8531e68abf0f7b86b08c1e9f8824d93cb27ca2c5fc15d48c206ba3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-O7EM6S1/vSGwLXJnI49GYw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-O7EM6S1/vSGwLXJnI49GYw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYW10HXNTWTT1E8R60Z0F-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"3q9i2932x6ff"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
x-cloud-trace-context
b909800f8bffcf2029108de2c05b1286
cf-ray
8ba276b9d87cb8ac-AMS
view
security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/ 		11 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/view
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-AvWRmyudIoiPOq37ZG5wpQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-AvWRmyudIoiPOq37ZG5wpQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYW10W5VMEPZF66G22PZ2-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
"w6gfy8q1ypb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
x-cloud-trace-context
5ed200baef557feab847c01febe184a1;o=1
cf-ray
8ba276b9d8069f9c-AMS
default
security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/view/ 		11 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/view/default
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-u4gk42Mo4XegE0AuWpNN2A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-u4gk42Mo4XegE0AuWpNN2A==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYW11EZYBQW6WES6VGV74-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
"w6gfy8q1ypb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
x-cloud-trace-context
1663f1befce87bbc5f3fac8ec1f83580
cf-ray
8ba276b9da680e6c-AMS
sp
security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/ 		48 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/sp
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
99de6560d1f8ad25950cdc0910c1232b3b8dd36124e987b2f6f5f6a02640d4c3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-mXJogGHJ+k/NKzHaALFvGw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-mXJogGHJ+k/NKzHaALFvGw==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
gzip
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google, 2 fly.io
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYW13XWFTY5409E1B435F-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
"5f8w1o7vrl120z"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
cache-control
private
cf-ray
8ba276b9efb75c4b-AMS
compliance-update
security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/ 		23 B
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/api/statuspage/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/public/compliance-update
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
2321bd0dcab3570cb4b36871411be2b13d70ccbaca5db547ed054b87ee563684
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-cU1Bt2+z94wUVKNocpFRpg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
application/json, text/plain, */*
Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-cU1Bt2+z94wUVKNocpFRpg==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
via
1.1 google, 2 fly.io
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
no-referrer,strict-origin-when-cross-origin
fly-request-id
01J6BWYW147RTMP3G9DMQRKZ4X-fra
cross-origin-opener-policy
same-origin-allow-popups
etag
"jdptrgz1pfn"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
origin-agent-cluster
?1
x-cloud-trace-context
aeb3d134164d6a772c3292f015043bb8
cf-ray
8ba276b9ef4b6697-AMS
web
edge.fullstory.com/s/settings/VZSWZ/v1/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/VZSWZ/v1/web
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
dc1b27ed9c1ea72a9ccfce4b43999e672a19f44c315c5d9d57eab7e8991ec672

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:03:02 GMT
content-encoding
gzip
age
258
x-guploader-uploadid
AHxI1nMOx7r9P7b7-9GFYBEuSD5-_pWT7AqgjJu_H2bg8eSWaKmAkZtDtVpGypc9cypP34AuPz8sLaCKOg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1356
last-modified
Wed, 28 Aug 2024 07:02:20 GMT
server
UploadServer
etag
"792280a4b74172d2138d3e2fe15a9f4a"
x-goog-generation
1724379740063601
x-goog-hash
crc32c=1nMNWQ==, md5=eSKApLdBctITjT4v4VqfSg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1356
accept-ranges
bytes
content-type
application/json
expires
Wed, 28 Aug 2024 07:18:02 GMT
8ba276b1bc190a50
security.painchek.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame D435 		0
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://security.painchek.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ba276b1bc190a50
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1:667:634a:5608:6788:3e70 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
2 fly.io
fly-request-id
01J6BWYWBY75SKDFKPV10Z9S2J-fra
cf-ray
8ba276bc4fad9707-AMS
content-length
0
content-type
text/plain; charset=UTF-8
page
rs.fullstory.com/rec/ 		78 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
63b07e3e7c19c7e196fc88552b8935272f090edeaf3472879416514ef2b25bc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://security.painchek.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
recaptcha__de.js
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 		539 KB
215 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/enterprise.js?render=explicit&onload=onRecaptchaLoadCallback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
Origin
https://security.painchek.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 13:21:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
219509
x-xss-protection
0
last-modified
Mon, 19 Aug 2024 04:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Aug 2025 13:21:29 GMT
analytics.min.js
cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d92678a00e82d69efe8509b6fcc3a8d0d882de87c2291e9b114747b5b0556a6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:20 GMT
x-amz-version-id
9uN_3gPfEqteHRrKQiBnU3lPtqSsOkg8
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 29 Jul 2024 21:58:29 GMT
server
cloudflare
etag
W/"3ff0dece474cee26b2c58f16b5d2ffea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
cf-ray
8ba276bcd9e262ec-HAM
x-amz-cf-id
6w51Wsdjk4vJc-oNnXIGVUrgTfMwgGjCG6dWOhX-SciuNqY96Jzugg==
settings
cdn.segment.com/v1/projects/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/settings
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8298e1275d993c5ed4cc796a135b4353f58d077443ea68c2f45a0621e945e160

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
tbXoBAxZgpr4tzHZtpGQoyoeiW4KaZtp
content-encoding
br
via
1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 06:43:14 GMT
x-amz-cf-pop
FRA6-C1
age
1521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 27 Aug 2024 19:07:51 GMT
server
AmazonS3
etag
W/"52616bc4880983befb30320c652ef624"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
wteKAfW_iFymZlaQkuXSWaI8Awb1MXYHgl1MsY25AftTnXevESLinA==
anchor
www.recaptcha.net/recaptcha/enterprise/ Frame 677B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.recaptcha.net/recaptcha/enterprise/anchor?ar=1&k=6LfJ8wojAAAAAAWs_gKrU2jrPCTiAxkHXbwl2EId&co=aHR0cHM6Ly9zZWN1cml0eS5wYWluY2hlay5jb206NDQz&hl=de&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=invisible&badge=bottomleft&cb=95lsskmzh9vo
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bskNqtmC22cBPcV-4Nrb4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://security.painchek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-bskNqtmC22cBPcV-4Nrb4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Aug 2024 07:07:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:52 GMT
x-amz-version-id
y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5568568
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
_6WwTaFKA54IHaR-9Yd_VxxELKTgihcW44z2mouz7_hp9gyY_CRXDQ==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 20:17:54 GMT
x-amz-version-id
fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
5568567
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jun 2024 18:40:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
eWW8h_yG-I-l7gW6q-91znbfRsucVdTOvxRzuZNP7OTbhvu-kPQ_Dg==
1ad1466dbcfbc57ffceb.js
cdn.segment.com/next-integrations/actions/fullstory/ 		186 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/fullstory/1ad1466dbcfbc57ffceb.js
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
447a9b06aafd0ca4f4627d76b29418b24cdb712c5eff0aa58ed012344251770d

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 08:16:32 GMT
x-amz-version-id
.EXlDYmRNyucJPH79ntV45iAEh1zdPR5
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
82248
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 26 Aug 2024 16:53:03 GMT
server
AmazonS3
etag
W/"6862c57c9efc9ce7cb63f719d87819ee"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
caqSc6ZEpGjF2bLsKNwT1JtEPUChQMMuImbPiUIwBkML5JdKjBwymg==
0f09d99be50b80febe3e.js
cdn.segment.com/next-integrations/actions/algolia-plugins/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/algolia-plugins/0f09d99be50b80febe3e.js
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
222ced275c3a5599d8f88d0e81d452c6ce1462731f46a58eec5b895d135b4e5f

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
KWItRo3GKb_6BsG9V4R0UJpZRIDHbm1P
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 02:48:11 GMT
x-amz-cf-pop
FRA6-C1
age
15550
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:55 GMT
server
AmazonS3
etag
W/"5dbf68506a13b5b99f0cd33ded091573"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
fpzpGUaE6h4e3Fdi9RpxS2p7PfJXI7r3ittYScxb9nPVDZB2x83jbw==
2d04d1da143afcea0dd4.js
cdn.segment.com/next-integrations/actions/845/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/845/2d04d1da143afcea0dd4.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/1ad1466dbcfbc57ffceb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
6QwFHwiTFjRaoadUFPfbiMxzeAQ1Qs2f
content-encoding
br
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
date
Wed, 28 Aug 2024 01:20:46 GMT
x-amz-cf-pop
FRA6-C1
age
20796
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 02 Jul 2024 17:58:54 GMT
server
AmazonS3
etag
W/"3d84aa516e4818a6f28f1cad3a20212d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
Zc1wQx_h__on0qOqczjrZhmUxdqTbRlOh4jo99MhTC-T2BVLPM7IJg==
userpilot.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/userpilot/1.0.7/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/userpilot/1.0.7/userpilot.dynamic.js.gz
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9266cce0bbd9c56e17e88376703d6c3b3711217a04e4174d74809dd5453e1d4b

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 21:59:40 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id
GQG89q7egYeKug6tvrtBV6U2Oh9yqKi2
x-amz-cf-pop
FRA6-C1
age
3661662
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1158
last-modified
Mon, 03 Jun 2024 14:40:13 GMT
server
AmazonS3
etag
"6f5a2b2defa5b9e0b90fb1af87afa60e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
8NODiClptdog7U5QRPf9vtliVh-XYD4wbT5wdTq5WedSk30koD34Cw==
google-tag-manager.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 01:18:46 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id
bdsEH.0LgrjWd4kHDEZQV0GazYAEKsCs
x-amz-cf-pop
FRA6-C1
age
712116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1343
last-modified
Thu, 08 Aug 2024 06:57:15 GMT
server
AmazonS3
etag
"a2b1aa1a0e402b1f891c929f94449d47"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
k8GeQBzMV_MZNjQasP1gM99HlZxWnQmxbxAVW908w7Pp-f2GmMFAXg==
p
api-segment.safebase.io/v1/ 		21 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-segment.safebase.io/v1/p
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Aug 2024 07:07:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://security.painchek.com
cf-ray
8ba276c13f3262ea-HAM
content-length
21
t
api-segment.safebase.io/v1/ 		21 B
317 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-segment.safebase.io/v1/t
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:582 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Aug 2024 07:07:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
https://security.painchek.com
cf-ray
8ba276c13f2b62ea-HAM
content-length
21
commons.a61d7bea37d2de5d4b69.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Requested by
Host: cdn-segment.safebase.io
URL: https://cdn-segment.safebase.io/sb-segment/v1/x7z6yaZijdrGHb675XXwt7zo3gtKHyVb/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 27 Aug 2024 07:24:19 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-version-id
aAixXKmCEkR1rfYrRzV2.EPYhnGmH0W2
x-amz-cf-pop
FRA6-C1
age
85383
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21911
last-modified
Thu, 08 Aug 2024 06:57:13 GMT
server
AmazonS3
etag
"c467a63b2e7c3a99be423ace649014d8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
Df1kI5ZULqTKQ-f-8D_g73FclZQIt47WZ7Z8x7hWE3LI1C8bIJndmA==
gtm.js
www.googletagmanager.com/ 		235 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQD43PT&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4cb66f957dfb349051c8a6acee2fae53b355051b04feb1b961bf4a283596413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86268
x-xss-protection
0
last-modified
Wed, 28 Aug 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Aug 2024 07:07:21 GMT
latest.js
js.userpilot.io/sdk/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/latest.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7c5b524f646877f33186e2d90ed528e893924aa57ff193f8d2108b3b925325c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
D44GFCAQH0B4M6YC
age
42
x-amz-server-side-encryption
AES256
x-amz-id-2
/6o7yiIID2I0xzaogwtoGcH4VeIK5+oWXZBo1T3YrgFzWH7IwUvperl3Z7epz/Qa5wWnmcCqtuihaVFdrK4wEA==
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:40:57 GMT
server
cloudflare
etag
W/"e6ea44f3fa5dff54387f91d981085626"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=120
cf-ray
8ba276c219f562ce-HAM
app.js
js.userpilot.io/sdk/version/1.532/ 		1 MB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.userpilot.io/sdk/version/1.532/app.js
Requested by
Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b5614a3735226eb3a53f53e77e62368be584537de116aceef693dcad8766d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:21 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
x-amz-request-id
MN07C6A4J0NDHX88
age
69968
cf-polished
origSize=1259594
x-amz-server-side-encryption
AES256
x-amz-id-2
74rQXSyITxry12ZC8KlJffxVfTaxivccdxSiDtougOwJ/33nJuZ8VrLow5fYne1SDJ3qxk1u6JQ=
cf-bgj
minify
last-modified
Thu, 22 Aug 2024 11:40:55 GMT
server
cloudflare
etag
W/"c572d5fe1284e42fccafcde14fd10987"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
cf-ray
8ba276c26aa662ce-HAM
NX-f9f51179
find.userpilot.io/v1/lookups/ 		62 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://find.userpilot.io/v1/lookups/NX-f9f51179
Requested by
Host: security.painchek.com
URL: https://security.painchek.com/_next/static/chunks/pages/_app-0b470aa4165aa182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://security.painchek.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 07:07:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-cache
Hit from findex
x-request-id
F-_SsZGkFZgp1QgAe83C
last-modified
Wed, 28 Aug 2024 07:07:22 GMT
server
cloudflare
vary
Accept-Encoding
x-ratelimit-remaining
59999
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-apo-via
origin,host
x-ratelimit-limit
60000
x-ratelimit-reset
1724828880000
cf-ray
8ba276c54fa8cab5-HAM
favicon.ico
app.safebase.io/api/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
security.painchek.com
URL
blob:https://security.painchek.com/e76853ce-b8e7-471c-b5bd-d251edd857bc
Domain
app.safebase.io
URL
https://app.safebase.io/api/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/favicon.ico

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| webpackChunk_N_E function| __next_set_public_path__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| __SENTRY__ object| SENTRY_RELEASE string| _fs_cookie_domain string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized object| FontAwesomeConfig object| ___FONT_AWESOME___ object| pdfjsLib object| __MIDDLEWARE_MATCHERS object| __BUILD_MANIFEST object| __SSG_MANIFEST object| __sentry_instrumentation_handlers__ object| analytics function| onRecaptchaLoadCallback object| split string| _fs_loaded function| _fs_shutdown object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| recaptcha object| closure_lm_843723 object| webpackChunkDestination function| fullstoryDestination function| algolia-pluginsDestination object| google-tag-managerDeps function| google-tag-managerLoader object| userpilotDeps function| userpilotLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| google-tag-managerIntegration object| dataLayer function| userpilotIntegration object| userpilotSettings function| userpilotInitiator object| userpilotInitiatorSDK object| userpilotCallMethods object| userpilot object| google_tag_manager object| google_tag_data object| userpilotChecklist object| userpilotNps function| _userpilot object| userpilotIntegrations

5 Cookies

Domain/Path Name / Value
security.painchek.com/ Name: sb.anonymousId2
Value: 952d9819-9502-4325-8ea0-bdf0c8c92797
security.painchek.com/ Name: GAESA
Value: CoABMDAzZmIzZTBjODBiMjhjMWFmOWNmYjFjMDU2YjA0ZDNiNTVlZmMzNzAwN2EwYzYzMWQwMmJiMGU0MjdkM2NiZTM5OWZhY2RhZmVmODZjOTBjM2E5YWM4NjBhYjY1M2VkNzc0MzkzMzA0YTA5ODg5N2E4NDUyOWU4ZDhjZWE4NWQQ0Nq9vpky
.safebase.io/ Name: __cf_bm
Value: FGKWJqu_SPcxlZ2a23r31iVdsPpdTihFgdz1EvhUawM-1724828840-1.0.1.1-JYLWxi3vDhXfznO7slnJliI1HfJTNPLjqUDbdAieikf40MYPHYS.5F0fzKknJ1bJ_XN9Qaa5zwiIFso39wnPHA
.painchek.com/ Name: ajs_anonymous_id
Value: 952d9819-9502-4325-8ea0-bdf0c8c92797
.painchek.com/ Name: _gcl_au
Value: 1.1.1199148945.1724828842

1 Console Messages

Source Level URL
Text
network error URL: https://app.safebase.io/api/share/7f021b4b-1827-44ff-9a60-b60fcf2f45d9/favicon.ico
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://app.safebase.io https://*.google-analytics.com https://*.analytics.google.com https://analytics.google.com https://adservice.google.com https://www.recaptcha.net https://stats.g.doubleclick.net https://api-js.mixpanel.com https://*.ingest.sentry.io https://storage.googleapis.com https://api.segment.io https://cdn.segment.com https://api-segment.safebase.io https://cdn-segment.safebase.io https://api.intercom.io https://api-iam.intercom.io https://api-ping.intercom.io https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://app.vitally.io https://api.vitally.io https://z9uyl8uax6-dsn.algolia.net https://z9uyl8uax6-1.algolianet.com https://z9uyl8uax6-2.algolianet.com https://z9uyl8uax6-3.algolianet.com https://auth.split.io https://sdk.split.io https://streaming.split.io https://events.split.io https://telemetry.split.io https://auth-split.safebase.io https://events-split.safebase.io https://sdk-split.safebase.io https://streaming-split.safebase.io https://telemetry-split.safebase.io https://uploads.userpilot.io https://api.userpilot.io wss://api.userpilot.io https://find.userpilot.io https://find-x.userpilot.io https://find-y.userpilot.io https://find-z.userpilot.io https://find-w.userpilot.io wss://analytex.userpilot.io wss://analytex-us.userpilot.io wss://analytex-eu.userpilot.io wss://analytex-in.userpilot.io https://analytex.userpilot.io https://analytex-us.userpilot.io https://analytex-eu.userpilot.io https://analytex-in.userpilot.io https://reporting.userpilot.io wss://reporting.userpilot.io https://playground.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://embed.explo.co https://api.explo.co https://data.explo.co https://*.data.explo.co https://data1.explo.co https://analytics.explo.co https://api.statsig.com https://autocomplete.clearbit.com https://api.us.flatfile.io wss://api.us.flatfile.io https://canny.io https://api.canny.io https://edge.fullstory.com https://rs.fullstory.com https://www.loom.com https://*.hubspot.com https://*.hsforms.com https://*.hsforms.net https://*.hscollectedforms.net https://*.hubapi.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://www.facebook.com/tr/ https://cdn.cookielaw.org https://*.onetrust.com https://www.paypal.com https://*.cookiebot.com;img-src 'self' blob: data: https://app.safebase.io https://s.gravatar.com https://*.googleusercontent.com https://*.wp.com https://cdn.auth0.com https://img.icons8.com https://storage.googleapis.com/public.safebase.co/ https://www.google.com https://*.google-analytics.com https://www.googletagmanager.com https://www.gstatic.com https://www.google.ca https://www.google.ie https://stats.g.doubleclick.net https://analytics.google.com https://www.recaptcha.net https://px.ads.linkedin.com https://px4.ads.linkedin.com https://p.adsymptotic.com https://js.intercomcdn.com https://static.intercomassets.com https://downloads.intercomcdn.com https://uploads.intercomusercontent.com https://gifs.intercomcdn.com https://video-messages.intercomcdn.com https://messenger-apps.intercom.io https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-9.com https://media.userpilot.io https://uploads.userpilot.io https://gifs.userpilot.io https://videos.userpilot.io https://logo.clearbit.com https://platform.securityscorecard.io https://rs.fullstory.com https://app.livestorm.co https://*.hsforms.com https://*.hsforms.net https://*.hubspot.com https://www.facebook.com/tr/ https://www.facebook.com/privacy_sandbox/pixel/register/trigger/ https://cdn.cookielaw.org https://*.onetrust.com https://*.cookiebot.com;script-src 'self' 'report-sample' 'nonce-RZnGbBX4L6KU2L6GH8hHqQ==' 'strict-dynamic' https://app.safebase.io https://cdn-segment.safebase.io https://cdn.mxpnl.com https://*.google-analytics.com https://www.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.recaptcha.net https://*.dropbox.com https://*.dropboxstatic.com https://embed.explo.co https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdn.vitally.io https://js.userpilot.io https://deploy.userpilot.io https://consent.api.osano.com https://tattle.api.osano.com https://cmp.osano.com https://disclosure.api.osano.com https://canny.io https://edge.fullstory.com https://rs.fullstory.com https://js.hs-analytics.net https://js.hs-banner.com https://*.hs-scripts.com https://static.hsappstatic.net https://js.hscollectedforms.net https://*.usemessages.com https://forms.hsforms.com https://js.hs-banner.com https://js.hs-scripts.com https://js.hsleadflows.net https://js.hubspotfeedback.com https://js.hsadspixel.net https://*.hscollectedforms.net https://app.svix.com https://connect.facebook.net https://connect.facebook.net https://cdn.cookielaw.org;manifest-src 'self';media-src https://js.intercomcdn.com https://js.userpilot.io;default-src 'self';child-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;base-uri 'self';block-all-mixed-content;font-src 'self' https: data: https://js.intercomcdn.com http://fonts.intercomcdn.com https://use.typekit.net https://fonts.googleapis.com https://fonts.gstatic.com https://fonts.userpilot.io;form-action 'self' https://intercom.help https://api-iam.intercom.io https://messenger-apps.intercom.io https://calendly.com https://www.facebook.com/tr/;frame-ancestors 'none';frame-src https://www.dropbox.com https://*.dev.corp.dropbox.com https://consent.dropbox.com https://*.flatfile.io https://*.flatfile.com https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net https://canny.io https://www.loom.com https://www.google.com https://www.recaptcha.net https://embedded.tray.io https://*.hubspot.com https://app.svix.com https://www.facebook.com https://*.cookiebot.com;object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' https://use.typekit.net https://p.typekit.net;upgrade-insecure-requests;worker-src 'self' blob: https://intercom-sheets.com https://www.intercom-reporting.com https://www.youtube.com https://player.vimeo.com https://fast.wistia.net;report-uri https://o410058.ingest.sentry.io/api/5283673/security/?sentry_key=3fbff9fa2e9e4c6991906aa26710df82&sentry_environment=production&sentry_release=ca7a2d00faa5145e2f8cbb11c3aaa3995031d772
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-segment.safebase.io
app.safebase.io
cdn-segment.safebase.io
cdn.segment.com
edge.fullstory.com
find.userpilot.io
fonts.googleapis.com
fonts.gstatic.com
js.userpilot.io
logo.clearbit.com
o410058.ingest.sentry.io
rs.fullstory.com
sdk-split.safebase.io
security.painchek.com
www.googletagmanager.com
www.gstatic.com
www.recaptcha.net
app.safebase.io
security.painchek.com
13.32.27.44
2606:4700::6812:109b
2606:4700::6812:119b
2606:4700::6812:582
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2008
2a09:8280:1:667:634a:5608:6788:3e70
34.120.195.249
35.186.194.58
35.201.112.186
99.86.8.175
00dedf9d6b9d03192f273a137d610a5abbeb8d753917622b3e10ee82eb263cff
0123c877058757fce80cbd908f145117b487b7096128fd416687c79198cd140d
07c7079c99b64579eb0cccd6e0141f6f747df09411c1fa0e26e46463fcbfb921
094dd20420b90c9fccabbb0f1fd843fadd6a505b2a697a09c168e63843464c9f
099963284bd47d6e4cf88f2b4651e044ce983030c90beeca0fb417c47ee6dd38
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
0a97514c6b8531e68abf0f7b86b08c1e9f8824d93cb27ca2c5fc15d48c206ba3
0c6a40a894621c2190c6893116e09e35bba5438eff11f7712a710575ba59a598
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13e3852d2c9f4f4bd3125764fa931927e2b6901960c971c3e28ba3911262a78f
14b5614a3735226eb3a53f53e77e62368be584537de116aceef693dcad8766d6
15052e4b81d959b7bb5dd22a76e6015393e9836cdc61dca33e12f511614eab25
16341d7205e8963415f07e1049ad0d60d491b662950729aa77f75b28fde49a65
18c00f135f556799fca90b293de166fe51a4cdd44f02c58b94a64973e916014c
2029483cfe35323a8c60ac3e77093931cbde220ff5bd12940914b36570253d40
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
222ced275c3a5599d8f88d0e81d452c6ce1462731f46a58eec5b895d135b4e5f
2321bd0dcab3570cb4b36871411be2b13d70ccbaca5db547ed054b87ee563684
2326e822f2d40a5e367b1accea569229c40f86136adecfea73c578e621e815bd
23311ce2b79f029749d0e8984a3e49cc276df2c21ca91886aafbd5235bc09c84
2507c6efd15d6e4eb3ebf8d418c1de6b875256f30e34571f2d7053ba28d1a578
265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
28b9ee09a67c8f13a46f6087d6132bb267f9d9a7e4476bdd1bfe6956401f82b6
29f359572390a59c6a6dd92fedeb480f7ded103c7c9b3430b192e21868858aa4
2ae3f17c2ecfb7cfc9b57ff05814b7b5756e2aba6313545ac674ae17a60e29cb
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
37ead7a36b6176b3d91955ef84a216acf609ae60f030516ce02aa298dded5a04
3eee8281e264d99478f06df647bd84c2e2eeca27ba1aa92d077a23e3bf0a38bf
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
433695a6a1606da71a12efdc51c1df5df1bc698b02a93a5c7ae2e1dd409e4f4a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4429234ca77dd06afcf9b5982e289a566f46ca99e8181afc07e7e8cf896164c8
447a9b06aafd0ca4f4627d76b29418b24cdb712c5eff0aa58ed012344251770d
4aa48963d8eefdbac551b06d0bf4a6758f261e1e84b633cd4b6f669e6778126a
51de07cad12d9408a1df8a6e67fef2e136b4384801545a7e030ea648f54067b4
563f1063f811d215295ad483e2f2f2f8fcdf69a074736e08d726aae9100a0f75
571ae5be656573ac3f9a2aed04b9fb2e5c32fd68b0fa59b0343e05396ecc43c9
5a77a5419c45c973af76b5bcc25ba9ef275045aa14bfcd81cccdd78ec080c677
63b07e3e7c19c7e196fc88552b8935272f090edeaf3472879416514ef2b25bc4
6e77259d246446fc076a1831921969320afbf8de9155284cf1fb35710a91c6ba
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70776cd7c783e9b2ab03dc38ca3aaa42ed8cb0fe923c153a4df57c69662824a6
78c22f6041e358e50aecc258c01d9a2ef16a9814623d22ca3bc80d68f0d50272
7d638f35697ee000c384f23f81af4a331bf5960e20baae4eeb7fc46998ef9376
8298e1275d993c5ed4cc796a135b4353f58d077443ea68c2f45a0621e945e160
8777b735ccf33225ea7f27684925f95a805ebbdf7c8b70bbd6631c951e336f3d
8bf0eb4cb4307fefbb1e0ee488abb7d4e79ce4965cc6621d00586e59cd8b157d
9266cce0bbd9c56e17e88376703d6c3b3711217a04e4174d74809dd5453e1d4b
99aee3d9e29b3c0b1c3c0af0dae68e423da43e2eceb095bd4c9671589a46bb80
99de6560d1f8ad25950cdc0910c1232b3b8dd36124e987b2f6f5f6a02640d4c3
9e2189d573b1df3fd3c684ba1f9ad2ad5cd2f8394f14dde87b5fde495bea200c
a68d51bd551c3e68143c04aa6a6f868ab10d0c1ace0f090ef5886ef7718731a4
a79be783eabc8a49c2d537a1c36f4b357e934fb303db8de30f5820651c8c4bc5
adcf829f46be0e2800d59abafdc39a830ab24ec56eed2e2a372e241a1526a014
b7e53364e9ce809efb26e4c77588cec41310f5debaa49a003e0be4e0b71adb08
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c4cb66f957dfb349051c8a6acee2fae53b355051b04feb1b961bf4a283596413
c503e30d6b6ad4530b5962b7098b4fa82c5a4f65809f85c19a375b8bff1f6145
c5ae53132f972ba48987fb5c2e161e5e560aba0160df2ad78e84b8bd6e1891cb
cca0bc6b0238341c0a48debf91085b42c4e49768bca0177b3b3cdbeb2fe5a3f2
d025e7883ea4e902685bf5eedfe0b79e5bbe2476a3f46d528d9f6520abd32293
d7c5b524f646877f33186e2d90ed528e893924aa57ff193f8d2108b3b925325c
d92678a00e82d69efe8509b6fcc3a8d0d882de87c2291e9b114747b5b0556a6d
dc1b27ed9c1ea72a9ccfce4b43999e672a19f44c315c5d9d57eab7e8991ec672
dd05adfdbd8493c042e408146cbe190251f8b04e2da05adc3c180442ed6d1b5d
deababbfd8c2928100f3a8f9bcd7ab6b4666a0d2ef625e6d7f5cad6f69ba9000
e26f8d9a31fb35a72c7c813d9d5af28653d5f4ccb3e0a27f1b924cb889ca5cc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53a87b5bcab866622c429a5a8f2938efc4d75eb7b40f96426f899fcc74327ee
eabe1d070186dc76917efb7b52c3fa3e421003be7c88af140dae71880c9314fd
eafaad8b9aae287f0168a78986e7c823e218cd0394b90a66b3f0ae7a1c8b1b01
ebc72297be952f382a6e4725b630e59bdd311c3fb711d446f0a23b383c7739d4
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f922ec3e091e0e50cc095ba59b0b88f759414c2b98f50aa936307c4cd514cdcd
fc7a84a1254bb6db339dc2a8d9e183c5c562edbe87546432fa3bd31d64fad0f0
ffc0bcc3ae91f97a02fd47d1abf030d65c7274ad57c0ef36d0896bfe57f6b2e5