URL: https://form.truehealthextra.com/
Submission: On June 26 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 172.67.202.26, located in United States and belongs to CLOUDFLARENET, US. The main domain is form.truehealthextra.com.
TLS certificate: Issued by E5 on June 25th 2024. Valid for: 3 months.
This is the only time form.truehealthextra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 172.67.202.26 13335 (CLOUDFLAR...)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:249... 16509 (AMAZON-02)
3 23.96.124.68 8075 (MICROSOFT...)
2 54.174.155.8 14618 (AMAZON-AES)
4 52.1.143.199 14618 (AMAZON-AES)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.32.23.195 16509 (AMAZON-02)
24 11
Apex Domain
Subdomains
Transfer
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
s.clarity.ms — Cisco Umbrella Rank: 7740
c.clarity.ms — Cisco Umbrella Rank: 1434
28 KB
7 truehealthextra.com
form.truehealthextra.com
750 KB
4 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13933
2 KB
3 ringba.com
b-js.ringba.com — Cisco Umbrella Rank: 142264
display.ringba.com — Cisco Umbrella Rank: 124582
14 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
766 B
1 improvetool.com
ip2geo.improvetool.com — Cisco Umbrella Rank: 316117
599 B
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 21704
39 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
85 KB
24 9
Domain Requested by
7 form.truehealthextra.com form.truehealthextra.com
4 create.leadid.com form.truehealthextra.com
3 s.clarity.ms form.truehealthextra.com
2 c.clarity.ms 1 redirects
2 display.ringba.com form.truehealthextra.com
2 www.clarity.ms form.truehealthextra.com
www.clarity.ms
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 c.bing.com 1 redirects
1 b-js.ringba.com form.truehealthextra.com
1 ip2geo.improvetool.com form.truehealthextra.com
1 create.lidstatic.com form.truehealthextra.com
1 www.googletagmanager.com form.truehealthextra.com
24 12

This site contains links to these domains. Also see Links.

Domain
truehealthextra.com
Subject | Issuer | Validity | Valid
form.truehealthextra.com | E5 | 2024-06-25 - 2024-09-23 | 3 months
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-07 - 2024-12-07 | a year
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
lidstatic.com | E1 | 2024-05-25 - 2024-08-23 | 3 months
improvetool.com | E1 | 2024-05-28 - 2024-08-26 | 3 months
*.ringba.com | Amazon RSA 2048 M03 | 2023-11-27 - 2024-12-23 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
create.leadid.com | Amazon RSA 2048 M02 | 2023-08-21 - 2024-09-17 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year

This page contains 2 frames:

Primary Page: https://form.truehealthextra.com/
Frame ID: CDB9E1A87FDE962DD43CCF723CA4D22A
Requests: 22 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=31DAA7A4-31E6-7A8E-992C-DF15ACDC7387&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A01B69CC-A55D-A9EE-18F9-B04CB9079619&lac=316745D9-64CE-D316-8E9D-6E6811E31771
Frame ID: 37864673B8C4238C5EB39E2F73F8A0C7
Requests: 1 HTTP requests in this frame

Page Title

TrueHealthExtra

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 50 %
Domains: 9
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 919 kB
Size: 3477 kB
Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&RedC=c.clarity.ms&MXFR=356BEC9E8EB265FC15ABF8348AB26B87 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&MUID=1A484735E947621A3F12539FE8EB636F

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
form.truehealthextra.com/
2 KB
1 KB
Document
General
Full URL
https://form.truehealthextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a23c665eabcd12f0376d9cbc0721e087e7b4e3d125200f86c2d3c86c8a72a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
899b01a9cbf12bd3-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 26 Jun 2024 06:05:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U4WVn3K%2BVOPlODhE2pMneP3urzGy6zL2IQrgDCjN9JlhPkyg0agfqipHlTW2G0IbJ8u7nPrp8q7LZCLraDo2RgjYE%2BrrWtlrCq3cxsBJDeeYjIWWuvwE6fwAToR1ebTTIYzW%2FrO2TCecUBA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
index.eefeb4b7.js
form.truehealthextra.com/assets/
2 MB
461 KB
Script
General
Full URL
https://form.truehealthextra.com/assets/index.eefeb4b7.js
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17cc3896e8f227d5ea8e3579073ccc0aeb3fcd997d593e9e39a8bc7ceac2f302
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Origin
https://form.truehealthextra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:35 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"6d55e546db97225cb7e5e1519806ad17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cf0eeCBNE7Ulh4L1k54A7XGCtH2LjuRaGaCIuCIEXqe0kVHv0ttZ73cSJ7%2BV0v6dmS8Z3UkP6c%2B8thpLtGaJE1ocLZoHciFqDzqh%2Bo7LoIiGmC7YojQGhEgYP70WwzWe8HdE%2BeXSpOig%2Ffg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
899b01aa5ca02bd3-FRA
alt-svc
h3=":443"; ma=86400
index.f46adc56.css
form.truehealthextra.com/assets/
185 KB
21 KB
Stylesheet
General
Full URL
https://form.truehealthextra.com/assets/index.f46adc56.css
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46adc56e74a4d69bd9c94687e43e1960d4ed50e70295b7e72bb82fca1282915
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:35 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"44a2a130516142a53dfba523586a6990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRxgQVtVsPUHFUXfPyEifOFr82FQzMlxEJYP%2BLxzGKlX%2F8a6XppyX39yj3UZ4M%2Bu9IOwkuPPdQqKyhhde%2FGKv9UtZg8pbOrqm5ZufwGDFt0R%2B3WAPIQInJ50xBRakkloaZSHkl9Nf7kIuwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
899b01aa5ca52bd3-FRA
alt-svc
h3=":443"; ma=86400
mm28mazpk8
www.clarity.ms/tag/
637 B
1001 B
Script
General
Full URL
https://www.clarity.ms/tag/mm28mazpk8
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
724b976edbf30e7dc64e3a743e31a457c2950a64d2116bfa906123c46806a958

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Wed, 26 Jun 2024 06:05:36 GMT
x-azure-ref
20240626T060535Z-178b74c5885spff5czwsuk9nb000000001hg00000000pxwe
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
gtm.js
www.googletagmanager.com/
236 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NP5RRGBB
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b06c9b970b9e68cca255cae8b5eb19440699a93185d2d6bec5f7529f6a2574e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86773
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 26 Jun 2024 06:05:35 GMT
a01b69cc-a55d-a9ee-18f9-b04cb9079619.js
create.lidstatic.com/campaign/
121 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/a01b69cc-a55d-a9ee-18f9-b04cb9079619.js?snippet_version=2
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b8c41d7fac36c258db43aa375cb6038ee77398e5ad342b65e92418f29e65c10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
x-amz-version-id
IakvDG1Z0H2yajgLGbez93Ja0ke0hoOo
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
BM7N5BPJ8GVVB81X
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
TnA55HGhWX0LT7x+wA1vRCrh604lZHJbmaTQ/bOfmepYHktwOvbs1qUICBMJHzVdAc2Yp+vLo9I=
last-modified
Fri, 07 Jun 2024 10:41:34 GMT
server
cloudflare
etag
W/"3afbcef36a2e51f1266f7852eb26411d"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
899b01aca95ebbce-FRA
/
ip2geo.improvetool.com/
200 B
599 B
Fetch
General
Full URL
https://ip2geo.improvetool.com/
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbf11caec5d60b10523febe510c973f1c804c0651ed3882a10af78e195ac1ea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=htpx488yPwaJkEUAamPC244JMElEcyQ6cVgaTyoPG83DSmZUAKxX3q903mFLXfzV4eJjbb3%2BDU3z5ld8XhzSTy%2FD1NT5B8wFbxSLnrHDeIJitNofa0hIWzQ08vannrT%2BNqC4AJBTyMnPBSx8UptMnhg5pgeD"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
899b01acfc0a2bbb-FRA
alt-svc
h3=":443"; ma=86400
CAb28161fa89bd458bb42a74723bcdca8d
b-js.ringba.com/
13 KB
13 KB
Script
General
Full URL
https://b-js.ringba.com/CAb28161fa89bd458bb42a74723bcdca8d
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ea00:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
60b0318b742a1cc10079a0b37692b53917c64b40f220435350be2ec04fb2bce6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-runtime
27.0000
date
Wed, 26 Jun 2024 06:05:36 GMT
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P6
x-powered-by
ASP.NET
access-control-max-age
300
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public
content-length
13212
x-amz-cf-id
p4ggVTCg1QMoAgFyAfl8MmxPUBsfkgP-thNhxYuGxig4XOlqaCHHFg==
expires
Wed, 26 Jun 2024 06:10:36 GMT
Roboto-Bold.ec685a46.ttf
form.truehealthextra.com/assets/
163 KB
89 KB
Font
General
Full URL
https://form.truehealthextra.com/assets/Roboto-Bold.ec685a46.ttf
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.f46adc56.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec685a46105296fe46c8744da4a11cf8118ba6c11271941766f7a546df6aa7c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/assets/index.f46adc56.css
Origin
https://form.truehealthextra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"f8945f378d58411db1bca70fedf03933"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkiv0p6kulsZerrfEMqbk14M0ewOjIO3uCk57g1S9eqyD9Cp6HzVXfHIxjoCH2wDUhlCpc71KrkMX17irFkiQplhpedBnOLPGD7vLGeiZ0Axu70NxSH0w0tjZzXWq2PajGtBf8T2k9wAJ3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
899b01ac8e5b2bd3-FRA
alt-svc
h3=":443"; ma=86400
Roboto-Medium.9d0d55a3.ttf
form.truehealthextra.com/assets/
165 KB
89 KB
Font
General
Full URL
https://form.truehealthextra.com/assets/Roboto-Medium.9d0d55a3.ttf
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.f46adc56.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d0d55a303bfd13b79a87721f65185e93f235e2d77fe398b2dca67ac519915f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/assets/index.f46adc56.css
Origin
https://form.truehealthextra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"9749ddc858c4fceefb5af204e5470b7d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QkiHJsQ0W1jmMebZvdJllKGQZOLsJynkxXsqHCg0JiLYrIsP%2FxdkaVTuZKleltYGRTnVrASKeDrhfo3RMQVMTH97DHvhWn61yBdgO9fv7MekC6IciclsD9nYhiJc9w1rsN6Kv7r2s3STt4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
899b01ac8e5e2bd3-FRA
alt-svc
h3=":443"; ma=86400
Roboto-Regular.4e147ab6.ttf
form.truehealthextra.com/assets/
164 KB
88 KB
Font
General
Full URL
https://form.truehealthextra.com/assets/Roboto-Regular.4e147ab6.ttf
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.f46adc56.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e147ab64b9fdf6d89d01f6b8c3ca0b3cddc59d608a8e2218f9a2504b5c98e14
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/assets/index.f46adc56.css
Origin
https://form.truehealthextra.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"c409fafc6687f55d6bfa3a192e4db4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jnlsga67rNUeZ95LzfYUnIFB613j6vVZkH4kmhTVX1MYzlSg7nPmqyChOu8B9M2exbvAHAsJU2wvZvi9jGpHcaEzhIdGnQC9l7JrX12nKIviXu5DB9ddUv42Xtj%2BfpNm8lLzmGrqkp5GC00%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
899b01ac8e5f2bd3-FRA
alt-svc
h3=":443"; ma=86400
clarity.js
www.clarity.ms/s/0.7.32/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/mm28mazpk8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240626T060536Z-178b74c5885spff5czwsuk9nb000000001hg00000000pxx5
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7c86e424-301e-0000-396b-c62edb000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
s.clarity.ms/
0
288 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://form.truehealthextra.com
Date
Wed, 26 Jun 2024 06:05:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
gnbulk
display.ringba.com/v2/nis/ Frame
0
0
Preflight
General
Full URL
https://display.ringba.com/v2/nis/gnbulk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.155.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-155-8.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace
Access-Control-Request-Method
POST
Origin
https://form.truehealthextra.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
baggage,sentry-trace
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://form.truehealthextra.com
Access-Control-Max-Age
300
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Wed, 26 Jun 2024 06:05:36 GMT
Expires
-1
Pragma
no-cache
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
gnbulk
display.ringba.com/v2/nis/
392 B
787 B
XHR
General
Full URL
https://display.ringba.com/v2/nis/gnbulk
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.155.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-174-155-8.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1f3770ba18bedbcc63079cd940e36ba12aafdaad5467b6a4fd775ae7048abdf2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain
Referer
https://form.truehealthextra.com/
baggage
sentry-environment=TrueHealthExtra,sentry-transaction=InitStep,sentry-public_key=02f8f0444380428699ef279e8620ddfe,sentry-trace_id=3b78fb776bb647b79a5d27a79dc8de11,sentry-sample_rate=0.1
sentry-trace
3b78fb776bb647b79a5d27a79dc8de11-a6608fbe1a3ac792-0
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Wed, 26 Jun 2024 06:05:36 GMT
X-Runtime
0.0300
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Access-Control-Max-Age
300
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://form.truehealthextra.com
Cache-Control
no-cache
Connection
keep-alive
Content-Length
392
Expires
-1
GenerateToken
create.leadid.com/2.12.1/
36 B
660 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=06b3a5c2-f54c-4fe0-a6f1-95d11fd997be&_=348023154
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.1.143.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-143-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e26ec6619e010ead85a3e1131ba26d2937e62c6b5d9c846e61594b8f664db821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 06:05:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&RedC=c.clarity.ms&MXFR=356BEC9E8EB265FC15ABF8348AB26B87
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&MUID=1A484735E947621A3F12539FE8EB636F
42 B
443 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&MUID=1A484735E947621A3F12539FE8EB636F
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://form.truehealthextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Jun 2024 06:05:36 GMT
last-modified
Wed, 19 Jun 2024 18:40:50 GMT
server
Microsoft-IIS/10.0
etag
"2c9f213578c2da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 26 Jun 2024 06:05:36 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D1CD996AB7054438A49BAA689FCDF398 Ref B: FRA31EDGE0717 Ref C: 2024-06-26T06:05:36Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8697463FFAF54DE4BC1A5BB2EC900397&MUID=1A484735E947621A3F12539FE8EB636F
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon-32x32.png
form.truehealthextra.com/benefitcheckers/
590 B
1 KB
Other
General
Full URL
https://form.truehealthextra.com/benefitcheckers/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.202.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77b0f0f8d3c1ba62a00dd202f3c878eb643ec3c6033cdebee1e8b32e422620b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 06:05:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
590
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"f3c6695f580df6aae593dcdbe1f1a4f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFy1KeUlRmA4AX8JQLReHaJZmaxy%2Bx6R%2F9A4czhl5Ey3aNsYAzZ5jEYNrWzPMZIPIK6r5OF8dxtFleQCTYJgfwjQcXojBTMuaA17Xu%2BASTZa1njspzWqO5G5%2F32JyTp5qapOEjOamXvxpt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
899b01b06a2d2bd3-FRA
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 3786
0
0
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=31DAA7A4-31E6-7A8E-992C-DF15ACDC7387&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=A01B69CC-A55D-A9EE-18F9-B04CB9079619&lac=316745D9-64CE-D316-8E9D-6E6811E31771
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/a01b69cc-a55d-a9ee-18f9-b04cb9079619.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-195.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://form.truehealthextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
85245
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 25 Jun 2024 06:24:52 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
hPOyhD7_LNfoDYUsBl863H57EzmDUczeMRm-Y8molw0rRMgbZychEg==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=06b3a5c2-f54c-4fe0-a6f1-95d11fd997be&token=31DAA7A4-31E6-7A8E-992C-DF15ACDC7387&_=348023155
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.1.143.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-143-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 06:05:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/
0
624 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=06b3a5c2-f54c-4fe0-a6f1-95d11fd997be&token=31DAA7A4-31E6-7A8E-992C-DF15ACDC7387&_=348023156
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.1.143.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-143-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 06:05:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.12.1/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=06b3a5c2-f54c-4fe0-a6f1-95d11fd997be&token=31DAA7A4-31E6-7A8E-992C-DF15ACDC7387&_=348023157
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.1.143.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-143-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 26 Jun 2024 06:05:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
s.clarity.ms/
0
288 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://form.truehealthextra.com
Date
Wed, 26 Jun 2024 06:05:37 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
s.clarity.ms/
0
288 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: form.truehealthextra.com
URL: https://form.truehealthextra.com/assets/index.eefeb4b7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://form.truehealthextra.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://form.truehealthextra.com
Date
Wed, 26 Jun 2024 06:05:39 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
function| clarity
object| dataLayer
object| google_tag_manager
object| google_tag_data
object| __vueuse_ssr_handlers__
function| Cleave
object| __SENTRY__
boolean| __VUE__
object| ringba_known_numbers
object| _rgba
object| ringba
object| _rgba_tags
object| LeadiDconfig
object| LeadiD
string| label
string| id
boolean| sensitiveData
object| defaultStyleFrame

16 Cookies

Domain/Path Name / Value
.truehealthextra.com/ Name: _gcl_au
Value: 1.1.1499643604.1719381936
www.clarity.ms/ Name: CLID
Value: 8531dbc8968f4b6db74c166653620057.20240626.20250626
.truehealthextra.com/ Name: _clck
Value: 1w32vq9%7C2%7Cfmy%7C0%7C1638
.truehealthextra.com/ Name: _clsk
Value: 1c6gthz%7C1719381936789%7C1%7C1%7Cs.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 1A484735E947621A3F12539FE8EB636F
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1A484735E947621A3F12539FE8EB636F
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1A484735E947621A3F12539FE8EB636F
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
form.truehealthextra.com/ Name: leadid_token-316745D9-64CE-D316-8E9D-6E6811E31771-A01B69CC-A55D-A9EE-18F9-B04CB9079619
Value: 31DAA7A4-31E6-7A8E-992C-DF15ACDC7387
.trueleadid.com/ Name: nlbi_3051494
Value: TxmITkeRHDz4U2uCC30iGwAAAABELktKjdCaqz9J7/ruXuKb
.trueleadid.com/ Name: visid_incap_3051494
Value: U2fQ4yYPSTyipt8NY7qzH7Cve2YAAAAAQUIPAAAAAAATGMn1EUe5Eezzfj/AmZPM
.trueleadid.com/ Name: incap_ses_260_3051494
Value: Q3NLbKGFBHgY3juuobSbA7Cve2YAAAAAqAQOL1jp2YgtDHEFYVymfg==
.deviceid.trueleadid.com/ Name: uuid
Value: 32bc162f7e194a609e4bd2b00c5a2828

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
