dx.healthcasts.com Open in urlscan Pro
3.12.65.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dx.healthcasts.com/registration
Submission: On November 04 via manual (November 4th 2024, 5:32:28 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 19 domains to perform 57 HTTP transactions. The main IP is 3.12.65.200, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is dx.healthcasts.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 29th 2024. Valid for: a year.

This is the only time dx.healthcasts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	3.12.65.200 3.12.65.200	16509 (AMAZON-02) (AMAZON-02)
1	142.132.205.219 142.132.205.219	24940 (HETZNER-AS) (HETZNER-AS)
6	2600:9000:206... 2600:9000:206f:ba00:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:1fae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	148.59.128.196 148.59.128.196	33561 (LUNAVI-WY) (LUNAVI-WY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:440... 2606:4700:4400::6812:22d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.129.123 3.5.129.123	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
57	20

10 3.12.65.200 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-65-200.us-east-2.compute.amazonaws.com

dx.healthcasts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.205.219 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.219.205.132.142.clients.your-server.de

servedbyadbutler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:ba00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 148.59.128.196 (Canada)

ASN33561 (LUNAVI-WY, US)

track.cbdatatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cbvisittracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22d6 (United States)

ASN13335 (CLOUDFLARENET, US)

trackcmp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.129.123 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

docdx-public.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	healthcasts.com dx.healthcasts.com	2 MB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4670	22 KB
5	cbdatatracker.com track.cbdatatracker.com — Cisco Umbrella Rank: 155523	21 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	6 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	337 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
3	google.com www.google.com — Cisco Umbrella Rank: 3	999 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	312 KB
2	cbvisittracker.com www.cbvisittracker.com — Cisco Umbrella Rank: 363334	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
2	adsrvr.org 2 redirects insight.adsrvr.org — Cisco Umbrella Rank: 945	173 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 1994 alb.reddit.com — Cisco Umbrella Rank: 1330	1 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1063	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	app-us1.com diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9320 prism.app-us1.com — Cisco Umbrella Rank: 9406	8 KB
1	amazonaws.com docdx-public.s3.us-east-2.amazonaws.com	85 KB
1	trackcmp.net trackcmp.net — Cisco Umbrella Rank: 9615	315 B
1	servedbyadbutler.com servedbyadbutler.com — Cisco Umbrella Rank: 8793	13 KB
57	19

	Domain	Requested by
10	dx.healthcasts.com	dx.healthcasts.com
6	nexus.ensighten.com	dx.healthcasts.com nexus.ensighten.com
5	track.cbdatatracker.com	dx.healthcasts.com
5	fonts.googleapis.com	dx.healthcasts.com
4	region1.google-analytics.com	www.googletagmanager.com dx.healthcasts.com
3	www.google.com	dx.healthcasts.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	dx.healthcasts.com www.googletagmanager.com
2	www.cbvisittracker.com	track.cbdatatracker.com www.cbvisittracker.com
2	www.facebook.com	dx.healthcasts.com
2	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
2	insight.adsrvr.org	2 redirects
2	www.redditstatic.com	dx.healthcasts.com www.redditstatic.com
2	connect.facebook.net	dx.healthcasts.com connect.facebook.net
1	www.gstatic.com	www.google.com
1	docdx-public.s3.us-east-2.amazonaws.com	dx.healthcasts.com
1	trackcmp.net	diffuser-cdn.app-us1.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	alb.reddit.com	dx.healthcasts.com
1	pixel-config.reddit.com	www.redditstatic.com
1	diffuser-cdn.app-us1.com	dx.healthcasts.com
1	servedbyadbutler.com	dx.healthcasts.com
57	22

This site contains links to these domains. Also see Links.

Domain
ai.consensus-md.com
www.healthcasts.com
healthcasts.com

Subject Issuer	Validity	Valid
*.healthcasts.com Go Daddy Secure Certificate Authority - G2	`2024-01-29` - `2025-03-01`	a year	crt.sh
servedbyadbutler.com Sectigo RSA Domain Validation Secure Server CA	`2024-10-01` - `2025-01-18`	4 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
diffuser-cdn.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
track.cbdatatracker.com RapidSSL TLS RSA CA G1	`2024-04-03` - `2025-04-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-13` - `2024-11-11`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
prism.app-us1.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
trackcmp.net WE1	`2024-09-23` - `2024-12-22`	3 months	crt.sh
www.cbvisittracker.com RapidSSL TLS RSA CA G1	`2024-02-14` - `2025-02-13`	a year	crt.sh
*.s3.us-east-2.amazonaws.com Amazon RSA 2048 M01	`2024-02-29` - `2025-02-12`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://dx.healthcasts.com/registration
Frame ID: 88B7639AD0FD0984505176E51E2B61E9
Requests: 51 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
Frame ID: F3DEB640EB7A264893BBF7C7C1734C73
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
Frame ID: ED094902C7093EDBFBA7FCCD5984FE4A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=u2131y6x1u0p
Frame ID: 3E82B920A884B15E094DA3CBEC126BCA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=amp3fd9njs1n
Frame ID: 186D56DFD4EC793103AD6FE166885FB3
Requests: 1 HTTP requests in this frame

Frame: https://www.cbvisittracker.com/Cookie/Frame.html
Frame ID: 76AF377EBAA61CBAA0C577F46059996E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healthcasts

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

57
Requests

100 %
HTTPS

60 %
IPv6

19
Domains

22
Subdomains

20
IPs

3
Countries

2504 kB
Transfer

8200 kB
Size

17
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://ai.consensus-md.com/

Search URL Search Domain Scan URL

URL: https://www.healthcasts.com/privacypolicy.html
Title: Privacy Policy Statement.

Search URL Search Domain Scan URL

URL: https://healthcasts.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://insight.adsrvr.org/tags/mzyyllb/bn7lqz0/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe

Request Chain 29

https://insight.adsrvr.org/tags/mzyyllb/b2i29og/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request registration Show response
dx.healthcasts.com/ 3 KB
2 KB 822ms
133ms Document
text/html 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

8a0a5b56153856704c051d33f9dd6acca4849a3dda0f02d6e110ca3bbb63df5f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1391
Content-Type: text/html; charset=UTF-8
Date: Mon, 04 Nov 2024 17:32:16 GMT
ETag: W/"cdb-192d986eb98"
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding
X-Powered-By: Express
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 app.js Show response
servedbyadbutler.com/ 68 KB
13 KB 140ms
41ms Script
application/javascript 142.132.205.219
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://servedbyadbutler.com/app.js
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.205.219 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.219.205.132.142.clients.your-server.de
Software: nginx /
Resource Hash: 05b53ae7d88099a65709ead2202f522cc99f15f43838f6ee5107345b65c88d1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: max-age=1800
content-encoding: gzip
etag: W/"66df3f4d-10e28"
expires: Mon, 04 Nov 2024 18:02:16 GMT
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript
last-modified: Mon, 09 Sep 2024 18:32:45 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/10961/ 58 KB
17 KB 83ms
26ms Script
application/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bcf3774f56c33823d0ad4bb0c67fb56cf4196648d597e86c5d3d42ca99ccd343

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-amz-version-id: QtwaIGbMQI2j2_Qe2TpDYvF.4wKD0iZq
etag: W/"05594310364ca3251521b146b56cc88c"
age: 1290218
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4Y2kmgusn62KP2RHwZS_CldsReFDiKOF-IcKkIEHHPKOi9Fit64HeA==
date: Sun, 20 Oct 2024 19:08:39 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 17 Jul 2024 23:01:03 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 84ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 16:58:57 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 818 B
477 B 83ms
32ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 17:32:11 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK 2.ef045421.chunk.css
dx.healthcasts.com/static/css/ 32 KB
5 KB 138ms
136ms Stylesheet
text/css 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/static/css/2.ef045421.chunk.css

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

493c601d6e3b7499f0a6080928890c425b9e8ff0e4960ca79fbb176aca4962b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

x-frame-options: SAMEORIGIN
transfer-encoding: chunked
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ETag: W/"8052-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Date: Mon, 04 Nov 2024 17:32:16 GMT
x-xss-protection: 1; mode=block
Content-Type: text/css; charset=UTF-8
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H/1.1 200
OK main.531d1d6f.chunk.css
dx.healthcasts.com/static/css/ 647 KB
110 KB 274ms
134ms Stylesheet
text/css 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

75461830183986b7c1fb88bfa138b92daf54dc0e3bd9aea2e38999c9a1ba0ed8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

x-frame-options: SAMEORIGIN
transfer-encoding: chunked
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ETag: W/"a1b00-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Date: Mon, 04 Nov 2024 17:32:16 GMT
x-xss-protection: 1; mode=block
Content-Type: text/css; charset=UTF-8
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H/1.1 200
OK runtime-main.deec0a1f.js Show response
dx.healthcasts.com/static/js/ 2 KB
1 KB 780ms
521ms Script
application/javascript 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/static/js/runtime-main.deec0a1f.js

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

34cbf1f6ab47ff97ce48a8f2a315fb2202067b6e813a0b96a813a2f52f1a86c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

x-frame-options: SAMEORIGIN
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ETag: W/"629-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 777
Date: Mon, 04 Nov 2024 17:32:16 GMT
x-xss-protection: 1; mode=block
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H/1.1 200
OK 2.86c20add.chunk.js Show response
dx.healthcasts.com/static/js/ 5 MB
1 MB 404ms
137ms Script
application/javascript 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/static/js/2.86c20add.chunk.js

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

cc2031848c0a2d938e21abe95b3acec64d5d24472d69259a889a5dc508c8583d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

x-frame-options: SAMEORIGIN
transfer-encoding: chunked
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ETag: W/"495795-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Date: Mon, 04 Nov 2024 17:32:16 GMT
x-xss-protection: 1; mode=block
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H/1.1 200
OK main.0aef52e4.chunk.js Show response
dx.healthcasts.com/static/js/ 523 KB
139 KB 408ms
141ms Script
application/javascript 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/static/js/main.0aef52e4.chunk.js

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

e53c146652690bc65834dd5916dac1feb2d826581006dc50bf2373234eb8073e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

x-frame-options: SAMEORIGIN
transfer-encoding: chunked
X-Powered-By: Express
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
ETag: W/"82a8c-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Date: Mon, 04 Nov 2024 17:32:16 GMT
x-xss-protection: 1; mode=block
Content-Type: application/javascript; charset=UTF-8
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
Vary: Accept-Encoding

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 32 KB
8 KB 124ms
50ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"234346615b452270c8ee1158258c83bb"
age: 93
x-cache: Hit from cloudfront
x-amz-cf-id: TKb5gcu33dnGYxCHYUFyb2cxYN-fDF0bNXv2W9GDOkRK97K_IinWxA==
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:47:53 GMT
vary: accept-encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=300
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
cf-ray: 8dd657aa0e4d9c00-FRA
x-amz-cf-pop: FRA60-P10
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
75 KB 111ms
41ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

677c4695323a1cf6c96c999bb22312beec11c1a376b4c267c406aec0cc4a8183

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 75841
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Home Show response
track.cbdatatracker.com/ 21 KB
21 KB 1168ms
294ms Script
text/javascript 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/Home?v=3&id=%278891fbe4-17f3-402e-8db8-23164178bd57%27
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 50d27844aa8ad62c68d7f548ddf15013fe588e872bed9cd05f0c0345ba9f0417

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: private
x-aspnet-version: 4.0.30319
alt-svc: h3=":443";
content-length: 21319
date: Mon, 04 Nov 2024 17:32:14 GMT
content-type: text/javascript; charset=utf-8
x-powered-by: ASP.NET
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/10961/ 647 B
980 B 55ms
51ms Script
text/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/10961/code/&publishedOn=Wed%20Jul%2017%2023:00:53%20GMT%202024&ClientID=923&PageID=https%3A%2F%2Fdx.healthcasts.com%2Fregistration
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 6db1cc3256734e40616f25f953e68eaf0e96d6b05089719f42f1fa667e10ba53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
expires: Mon, 04 Nov 2024 17:32:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 647
x-amz-cf-id: W7jDXykdNA_ogq9tWozYln3TzHMjsLnQlNslPdgzd4OpYhjRKL5lkQ==
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 67ms
24ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-JHCkulLb' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-JHCkulLb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=23, mss=1232, tbw=4447, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 21jXg1au46WnK7pH2gWsgO0eer3UxEccYOxOOZxipPSA5VLKcbwOaYL3V7o0Vktfkhl0FiOPrXkkXvq9V8Uqfw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 92ms
23ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12126
date: Mon, 04 Nov 2024 17:32:16 GMT
last-modified: Tue, 15 Oct 2024 19:34:59 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H3 200 b85dc0f6f3a4ea8fc121231c317525c0.js Show response
nexus.ensighten.com/choozle/10961/code/ 583 B
1000 B 28ms
27ms Script
application/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/code/b85dc0f6f3a4ea8fc121231c317525c0.js?conditionId0=4958059&conditionId1=4958060
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9a78701f6e49e71ab4a15f85c515418a37fb8e7e179b2686faa795765a402bac

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

etag: "bd833dd44a422db4eabf82aebcec5ae6"
age: 7156383
x-amz-version-id: 3RqKKDUhbktE1fbB9kQ4ChDcQdXeQddU
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: gftVJ4eNfyqj8Thxvpi_7nzbjBSDqsOpWDpShhAVmn79MeIrcZnQqQ==
date: Tue, 13 Aug 2024 21:39:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 31 May 2024 18:36:50 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 583
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 64d96158fcbd2ab76c894c93f072f7c9.js Show response
nexus.ensighten.com/choozle/10961/code/ 3 KB
1007 B 27ms
26ms Script
application/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/code/64d96158fcbd2ab76c894c93f072f7c9.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e322190b19607a24bc2e50477ebf423769e61fd20628bd835984c95ea41705f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: br
etag: W/"14c40e510dbcda0cc4c82a6b0f03a09b"
age: 397844
x-amz-version-id: _n3o5E_rcs2XXee0qmERbuwF_Ykvp9HD
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: eUMons8HjbKlW6642Aj6BntwtG2V97-SWtaF5iGJNYM_IgwWfp6VHw==
date: Thu, 31 Oct 2024 03:01:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 31 May 2024 18:36:50 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 67f667276b481585ee1bf973c6460b0b.js Show response
nexus.ensighten.com/choozle/10961/code/ 673 B
1 KB 28ms
27ms Script
application/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/code/67f667276b481585ee1bf973c6460b0b.js?conditionId0=4964206
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 078aa8e91bfa377f8e66ef1085006a1edc21c4532f707eee068014725dec0922

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

etag: "42ac390058328fa788a48c7752a37b26"
age: 363492
x-amz-version-id: lhpSk3cdHZedsR4KeeA.E3CpwRv871dZ
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: j5VmQLes77RVF3QV00_9nFMkSDVZzJC6JZlzKpJQtMgNzNRL4UalaQ==
date: Thu, 31 Oct 2024 12:34:05 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 17 Jul 2024 23:01:03 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 673
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 264631fb7f96cb44664c95b0154b3a08.js Show response
nexus.ensighten.com/choozle/10961/code/ 673 B
1 KB 27ms
26ms Script
application/javascript 2600:9000:206f:ba00:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/10961/code/264631fb7f96cb44664c95b0154b3a08.js?conditionId0=4963319
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:ba00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 34d66af02ece24fc0d1114abb1071ab38fc299604b2fa55db2fdcdda49bc3ca3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

etag: "2661573110210dcb0e51909cac955e94"
age: 829900
x-amz-version-id: LCydzeit_W9mGJtDNY6.dGghJWd5V53A
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: OfqEXamB8Ycfuk5kbIf5t1-lNNgC0R0ZcZLGUu5K9b0I_D04lSDEtw==
date: Sat, 26 Oct 2024 03:00:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 31 May 2024 18:36:49 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 673
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/a2_fociv6tppkz9/ 949 B
393 B 248ms
159ms XHR
application/json 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/a2_fociv6tppkz9/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa26b15f22e1aa95c836e1b09c3b28bd01bee9de6f51987a4a8640cb25218fcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 295
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/json

GET
H2 200 a2_fociv6tppkz9_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
700 B 85ms
34ms XHR
application/json 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_fociv6tppkz9_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 98
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 144ms
43ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1730741536331&id=a2_fociv6tppkz9&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=16377eb1-0a0f-4e39-a227-72006109c6ad&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: image/gif
server: Varnish

GET
H3 200 1731702260980651 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 157ms
156ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1731702260980651?v=2.9.176&r=stable&domain=dx.healthcasts.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e558fd582c2874be3daccf72e1cd74838db115f8cdde6fcbf822fa35ce4cd92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-KE7TyqfM' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-KE7TyqfM' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=71, mss=1232, tbw=70846, tp=67, tpl=0, uplat=134, ullat=0
pragma: public
x-fb-debug: Sk4Y5LR58FsA++p8Fn5jHGKS5EbUGSJsdLngZDN2WNoKEFcusc6qnAVwvfrvIUQLJxHRfe+BSExU8KlGCWKyCA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 / Show response
prism.app-us1.com/ 248 B
497 B 265ms
205ms Script
application/javascript 2606:4700::6811:1fae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prism.app-us1.com/?a=226130963&u=https%3A%2F%2Fdx.healthcasts.com%2Fregistration

Requested by

Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.1.29

Resource Hash

352a418e69c7db00a1a923dc5b6ac65395b10262e0da4e47ba3f09ad3438d936

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 78
cf-ray: 8dd657aaaca09b70-FRA
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript
x-powered-by: PHP/8.1.29
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 314 KB
105 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X1THHMW2QS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

260f1948e2fe1e4801b9ec20a7296234b9d7e550b5eb631aad7910d3ccc54ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107415
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 414 KB
132 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LG38XJB31H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WCFMM72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2642734a73fd1bfeb7309c3baaeea1ddfdefc6e01925bf3884ee2d0fa1fe9a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134744
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 160ms
50ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X1THHMW2QS&gtm=45je4au0v9100870118z89100728977za200zb9100728977&_p=1730741536156&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=607890330.1730741537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730741536&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1218
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X1THHMW2QS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dx.healthcasts.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 107ms
53ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LG38XJB31H&gtm=45je4au0v9102386499z89100728977za200zb9100728977&_p=1730741536156&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=607890330.1730741537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730741536&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=page_view&_fv=1&_ss=1&tfd=1274
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LG38XJB31H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dx.healthcasts.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/ Frame F3DE
Redirect Chain

https://insight.adsrvr.org/tags/mzyyllb/bn7lqz0/iframe
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe

0
0

106ms
22ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/code/264631fb7f96cb44664c95b0154b3a08.js?conditionId0=4963319
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://dx.healthcasts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 51933
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 137
Content-Type: text/html
Date: Mon, 04 Nov 2024 03:06:44 GMT
ETag: "737f1a316b894660a6a5dbceff90f0d7"
Last-Modified: Fri, 31 May 2024 04:38:50 GMT
Server: AmazonS3
Via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 5YSLsk9MzDm-6Y-7otQvB75R7nFeBbZgW1OxJKBiSPmBO34YWnTRLA==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Mon, 04 Nov 2024 17:32:16 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/bn7lqz0/iframe

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/ Frame ED09
Redirect Chain

https://insight.adsrvr.org/tags/mzyyllb/b2i29og/iframe
https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe

0
0

522ms
412ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/10961/code/67f667276b481585ee1bf973c6460b0b.js?conditionId0=4964206
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://dx.healthcasts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 137
Content-Type: text/html
Date: Mon, 04 Nov 2024 17:32:18 GMT
ETag: "2365c0a4760e22d54c4055810c670f34"
Last-Modified: Wed, 17 Jul 2024 22:58:19 GMT
Server: AmazonS3
Via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Qbu8cRrYQVVI6pMyv9eqxVesqyuJRq5ll8Z4PypF7Y_a59hnpzLxyg==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: RefreshHit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Mon, 04 Nov 2024 17:32:16 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/mzyyllb/b2i29og/iframe

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 96ms
25ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1731702260980651&ev=PageView&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&rl=&if=false&ts=1730741536608&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730741536607.956289039155307835&ler=empty&cdl=API_unavailable&it=1730741536350&coo=false&rqm=GET

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2924, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 239ms
169ms Image
image/png 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1731702260980651&ev=PageView&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&rl=&if=false&ts=1730741536608&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730741536607.956289039155307835&ler=empty&cdl=API_unavailable&it=1730741536350&coo=false&rqm=FGET

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7433478295810887909"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: PYk4cDAw718joT9GMgoo6dP+5KooXIBttxyy4lzVNZwtXrUWJ1aQ6truKXWawjsRw6YrjEKTj7pu72mpuqFwtw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7433478295810887909", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1328, tbw=3242, tp=-1, tpl=-1, uplat=146, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 t_prism_sitemessages.php Show response
trackcmp.net/ 0
315 B 222ms
142ms Script
text/javascript 2606:4700:4400::6812:22d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackcmp.net/t_prism_sitemessages.php?trackid=226130963&prismid=41758de5-6701-4f29-a291-efd091341a08&url=https%3A%2F%2Fdx.healthcasts.com%2Fregistration
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, private
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
x-envoy-upstream-service-time: 12
cf-ray: 8dd657ac7ca39256-FRA
content-length: 0
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/8.1.30
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 3 KB
573 B 33ms
30ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 17:10:19 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 17 KB
2 KB 44ms
41ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 16:59:25 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
914 B 44ms
41ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital@0;1&family=Literata:ital,opsz,wght@0,7..72,600;1,7..72,600&display=swap

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

93e984b7b94d2a869d5313b60216d067f07c2f1e6137e24ddc629bf94dce6a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:16 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 17:32:16 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 CookieReadJS.js Show response
www.cbvisittracker.com/Cookie/ 2 KB
2 KB 644ms
179ms Script
application/javascript 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cbvisittracker.com/Cookie/CookieReadJS.js
Requested by: Host: track.cbdatatracker.com
URL: https://track.cbdatatracker.com/Home?v=3&id=%278891fbe4-17f3-402e-8db8-23164178bd57%27
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 70bf7023316ccd73b8775a094d634f51de416e9574344caca0b77137b5dbc0e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

etag: "4cd7548895fda1:0"
accept-ranges: bytes
alt-svc: h3=":443";
content-length: 2037
date: Mon, 04 Nov 2024 17:32:15 GMT
content-type: application/javascript
last-modified: Wed, 14 Feb 2024 21:03:39 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7933d7eef56f5080dfbe4a8ce1bdf0703e1fc8229d834c86d258766b369668e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK logo.ed1e27dd.png
dx.healthcasts.com/static/media/ 19 KB
20 KB 138ms
137ms Image
image/png 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dx.healthcasts.com/static/media/logo.ed1e27dd.png

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/registration

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

3679d319283ea25050bb0d26fc71fa450d4bb05193b2458df64c3cfc021fd334

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

X-Powered-By: Express
Cache-Control: public, max-age=31536000
ETag: W/"4d0f-192d986eb98"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19727
Date: Mon, 04 Nov 2024 17:32:18 GMT
x-xss-protection: 1; mode=block
Content-Type: image/png
Last-Modified: Tue, 29 Oct 2024 18:25:51 GMT
Server: nginx/1.22.1
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK Healthcasts-Login-Background-image.jpg
docdx-public.s3.us-east-2.amazonaws.com/images/ 85 KB
85 KB 568ms
252ms Image
image/jpeg 3.5.129.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://docdx-public.s3.us-east-2.amazonaws.com/images/Healthcasts-Login-Background-image.jpg
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/css/main.531d1d6f.chunk.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.129.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8f3a3a9ab571e9a0c72aea87cd839bc8fbd9dc48bb7506228f30532b31bea1b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

x-amz-id-2: RwHksX9dXdh/XC/jBHxXFkoKde+b5qQPpEa9F6q5DAJpfc5gp/YW5S7OzNSBrKsaJhYqN+PD5KZFZHYJtiWQBroI+1ux627PMUVALOAxLMM=
ETag: "5d05291c3b29d38fcaebcae7f10aec33"
x-amz-request-id: N9H4VAMDNJ0Q5ZX0
Accept-Ranges: bytes
Content-Length: 87047
Date: Mon, 04 Nov 2024 17:32:19 GMT
Last-Modified: Wed, 31 May 2023 18:14:56 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 146ms
32ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dx.healthcasts.com
Referer: https://fonts.googleapis.com/

Response headers

age: 588775
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 28 Oct 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H3 200 or38Q6P12-iJxAIgLa78DkTtAoDhk0oVe6XlbJ5W.woff2
fonts.gstatic.com/s/literata/v35/ 49 KB
49 KB 192ms
78ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/literata/v35/or38Q6P12-iJxAIgLa78DkTtAoDhk0oVe6XlbJ5W.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital@0;1&family=Literata:ital,opsz,wght@0,7..72,600;1,7..72,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aef2d1053042593b9f63696e708fad6c85783ce3a781810e76533df61a163a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dx.healthcasts.com
Referer: https://fonts.googleapis.com/

Response headers

report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 17:32:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:18 GMT
content-type: font/woff2
last-modified: Tue, 06 Jun 2023 20:22:39 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 50232
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 158ms
44ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dx.healthcasts.com
Referer: https://fonts.googleapis.com/

Response headers

age: 439541
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:26:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:26:37 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
999 B 173ms
43ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/main.0aef52e4.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32ce4fc671ad614bc2a54455b7810116739df9a04ccd6d047ebb479ecb7fd25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 17:32:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Mon, 04 Nov 2024 17:32:18 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK specialties Show response
dx.healthcasts.com/api/v1/ 871 B
1 KB 204ms
204ms XHR
application/json 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/api/v1/specialties

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

defe5dde65896a803cbed774d8b136d17cf816be16b18227ff24b007051dbc03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://dx.healthcasts.com/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Pragma: no-cache

Response headers

ETag: W/"367-7PUD6VijWLmtowG6w8teJHmKwmo"
Connection: keep-alive
Content-Length: 871
x-xss-protection: 1; mode=block
Date: Mon, 04 Nov 2024 17:32:18 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Server: nginx/1.22.1
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK specialties Show response
dx.healthcasts.com/api/v1/ 871 B
1 KB 169ms
169ms XHR
application/json 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/api/v1/specialties

Requested by

Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

defe5dde65896a803cbed774d8b136d17cf816be16b18227ff24b007051dbc03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Cache-Control: no-cache
Referer: https://dx.healthcasts.com/registration
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Pragma: no-cache

Response headers

ETag: W/"367-7PUD6VijWLmtowG6w8teJHmKwmo"
Connection: keep-alive
Content-Length: 871
x-xss-protection: 1; mode=block
Date: Mon, 04 Nov 2024 17:32:18 GMT
Content-Type: application/json; charset=utf-8
X-Powered-By: Express
Vary: Accept-Encoding
Server: nginx/1.22.1
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 547 KB
217 KB 72ms
25ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dx.healthcasts.com
Referer: https://dx.healthcasts.com/

Response headers

content-encoding: gzip
age: 26624
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Tue, 04 Nov 2025 10:08:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 10:08:34 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222594
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 3E82 0
0 147ms
76ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LczIzEkAAAAADGHT-qGueMbwpMk1z7sIEO3_mnE&co=aHR0cHM6Ly9keC5oZWFsdGhjYXN0cy5jb206NDQz&hl=de&v=-ZG7BC9TxCVEbzIO2m429usb&size=invisible&cb=u2131y6x1u0p

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SgG1H1XC6lZ2mapxN3urCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dx.healthcasts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-SgG1H1XC6lZ2mapxN3urCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 17:32:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 186D 0
0 145ms
77ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gpzVwq500p3l_uNgwiTprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dx.healthcasts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gpzVwq500p3l_uNgwiTprg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Nov 2024 17:32:18 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Frame.html
www.cbvisittracker.com/Cookie/ Frame 76AF 0
0 448ms
148ms Document
text/html 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cbvisittracker.com/Cookie/Frame.html
Requested by: Host: www.cbvisittracker.com
URL: https://www.cbvisittracker.com/Cookie/CookieReadJS.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Referer: https://dx.healthcasts.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443";
content-length: 1531
content-type: text/html
date: Mon, 04 Nov 2024 17:32:16 GMT
etag: "6773cacd9859d81:0"
last-modified: Tue, 26 Apr 2022 18:09:42 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

POST
H2 204 Post Show response
track.cbdatatracker.com/api/tracker/ 0
52 B 158ms
156ms XHR
text/plain 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/api/tracker/Post?_method=put
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: no-cache
Access-Control-Allow-Origin: *
Referer: https://dx.healthcasts.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cache-control: no-cache
x-aspnet-version: 4.0.30319
pragma: no-cache
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443";
date: Mon, 04 Nov 2024 17:32:17 GMT
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

OPTIONS
H2 200 Post
track.cbdatatracker.com/api/tracker/ Frame 0
0 898ms
297ms Preflight 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/api/tracker/Post?_method=put
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,cache-control
Access-Control-Request-Method: POST
Origin: https://dx.healthcasts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,cache-control
access-control-allow-origin: *
alt-svc: h3=":443";
cache-control: no-cache
content-length: 0
date: Mon, 04 Nov 2024 17:32:17 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

GET
H/1.1 200
OK favicon.png
dx.healthcasts.com/images/ 3 KB
3 KB 138ms
138ms Other
image/png 3.12.65.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dx.healthcasts.com/images/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.65.200 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-65-200.us-east-2.compute.amazonaws.com

Software

nginx/1.22.1 / Express

Resource Hash

299c49d7ad98d16b45aebf816f3dd683299d6290b314a8eb605dc653fe12b749

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/registration

Response headers

X-Powered-By: Express
Cache-Control: public, max-age=31536000
ETag: W/"b98-192d984e028"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2968
Date: Mon, 04 Nov 2024 17:32:19 GMT
x-xss-protection: 1; mode=block
Content-Type: image/png
Last-Modified: Tue, 29 Oct 2024 18:23:37 GMT
Server: nginx/1.22.1
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 49ms
40ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X1THHMW2QS&gtm=45je4au0v9100870118za200zb9100728977&_p=1730741536156&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=607890330.1730741537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730741536&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=scroll&epn.percent_scrolled=90&_et=7&tfd=6228
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dx.healthcasts.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 44ms
36ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LG38XJB31H&gtm=45je4au0v9102386499za200zb9100728977&_p=1730741536156&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=607890330.1730741537&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730741536&sct=1&seg=0&dl=https%3A%2F%2Fdx.healthcasts.com%2Fregistration&dt=Healthcasts&en=scroll&epn.percent_scrolled=90&_et=8&tfd=6284
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dx.healthcasts.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://dx.healthcasts.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 17:32:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 PostPing Show response
track.cbdatatracker.com/api/tracker/ 0
52 B 157ms
156ms XHR
text/plain 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/api/tracker/PostPing?_method=put
Requested by: Host: dx.healthcasts.com
URL: https://dx.healthcasts.com/static/js/2.86c20add.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control: no-cache
Access-Control-Allow-Origin: *
Referer: https://dx.healthcasts.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cache-control: no-cache
x-aspnet-version: 4.0.30319
pragma: no-cache
expires: -1
access-control-allow-origin: *
alt-svc: h3=":443";
date: Mon, 04 Nov 2024 17:32:20 GMT
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

OPTIONS
H2 200 PostPing
track.cbdatatracker.com/api/tracker/ Frame 0
0 153ms
152ms Preflight 148.59.128.196
LUNAVI-WY

General

Check archive.org

Show headers Download Go to

Full URL: https://track.cbdatatracker.com/api/tracker/PostPing?_method=put
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.59.128.196 , Canada, ASN33561 (LUNAVI-WY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,cache-control
Access-Control-Request-Method: POST
Origin: https://dx.healthcasts.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,cache-control
access-control-allow-origin: *
alt-svc: h3=":443";
cache-control: no-cache
content-length: 0
date: Mon, 04 Nov 2024 17:32:20 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.healthcasts.com/	1970-01-21 02:55:17	Name: _rdt_uuid Value: 1730741536330.16377eb1-0a0f-4e39-a227-72006109c6ad
.healthcasts.com/	1970-01-21 10:21:41	Name: _ga Value: GA1.1.607890330.1730741537
.healthcasts.com/	1970-01-21 10:21:41	Name: _ga_X1THHMW2QS Value: GS1.1.1730741536.1.0.1730741536.0.0.0
.healthcasts.com/	1970-01-21 10:21:41	Name: _ga_LG38XJB31H Value: GS1.1.1730741536.1.0.1730741536.0.0.0
.healthcasts.com/	1970-01-21 02:55:17	Name: _fbp Value: fb.1.1730741536607.956289039155307835
prism.app-us1.com/	1970-01-21 01:28:53	Name: prism_226130963 Value: 41758de5-6701-4f29-a291-efd091341a08
.healthcasts.com/	1970-01-21 01:28:53	Name: prism_226130963 Value: 41758de5-6701-4f29-a291-efd091341a08
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 57942 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 58312 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 58313 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 59942 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 57928 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 58306 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 59941 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 57927 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 57941 Value:
dx.healthcasts.com/	1970-01-21 00:45:43	Name: 58305 Value:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
connect.facebook.net
d1eoo1tco6rr5e.cloudfront.net
diffuser-cdn.app-us1.com
docdx-public.s3.us-east-2.amazonaws.com
dx.healthcasts.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
nexus.ensighten.com
pixel-config.reddit.com
prism.app-us1.com
region1.google-analytics.com
servedbyadbutler.com
track.cbdatatracker.com
trackcmp.net
www.cbvisittracker.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
13.225.83.200
142.132.205.219
148.59.128.196
15.197.193.217
151.101.129.140
151.101.193.140
2001:4860:4802:32::36
2600:9000:206f:ba00:2:8f43:5780:93a1
2606:4700:4400::6812:22d6
2606:4700::6811:1fae
2a00:1450:4001:80e::2004
2a00:1450:4001:810::200a
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:831::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::396
3.12.65.200
3.5.129.123
05b53ae7d88099a65709ead2202f522cc99f15f43838f6ee5107345b65c88d1d
078aa8e91bfa377f8e66ef1085006a1edc21c4532f707eee068014725dec0922
1aef2d1053042593b9f63696e708fad6c85783ce3a781810e76533df61a163a9
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
260f1948e2fe1e4801b9ec20a7296234b9d7e550b5eb631aad7910d3ccc54ab4
2642734a73fd1bfeb7309c3baaeea1ddfdefc6e01925bf3884ee2d0fa1fe9a84
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
299c49d7ad98d16b45aebf816f3dd683299d6290b314a8eb605dc653fe12b749
2e558fd582c2874be3daccf72e1cd74838db115f8cdde6fcbf822fa35ce4cd92
32ce4fc671ad614bc2a54455b7810116739df9a04ccd6d047ebb479ecb7fd25c
34cbf1f6ab47ff97ce48a8f2a315fb2202067b6e813a0b96a813a2f52f1a86c9
34d66af02ece24fc0d1114abb1071ab38fc299604b2fa55db2fdcdda49bc3ca3
352a418e69c7db00a1a923dc5b6ac65395b10262e0da4e47ba3f09ad3438d936
3679d319283ea25050bb0d26fc71fa450d4bb05193b2458df64c3cfc021fd334
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
493c601d6e3b7499f0a6080928890c425b9e8ff0e4960ca79fbb176aca4962b2
50d27844aa8ad62c68d7f548ddf15013fe588e872bed9cd05f0c0345ba9f0417
5780dcb011235f74ebd060a2e1d7e214e3bd12e13982bf4bd7fbe052d3d55f63
5abe2a12140edf2387d5be35225df3caa4f0f0a05d8f5614008c8cc90af4a156
677c4695323a1cf6c96c999bb22312beec11c1a376b4c267c406aec0cc4a8183
6db1cc3256734e40616f25f953e68eaf0e96d6b05089719f42f1fa667e10ba53
70bf7023316ccd73b8775a094d634f51de416e9574344caca0b77137b5dbc0e6
75461830183986b7c1fb88bfa138b92daf54dc0e3bd9aea2e38999c9a1ba0ed8
7933d7eef56f5080dfbe4a8ce1bdf0703e1fc8229d834c86d258766b369668e8
83a9c509e17d3de7efdb3110dd529a539c1c46a5577fbad177ca57584b7ec851
8a0a5b56153856704c051d33f9dd6acca4849a3dda0f02d6e110ca3bbb63df5f
8f3a3a9ab571e9a0c72aea87cd839bc8fbd9dc48bb7506228f30532b31bea1b2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
93e984b7b94d2a869d5313b60216d067f07c2f1e6137e24ddc629bf94dce6a56
98d77039ea9249b3dce91ad7b467ee382f29daa61213c3e2737bd4a8786c8801
9a78701f6e49e71ab4a15f85c515418a37fb8e7e179b2686faa795765a402bac
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab1dc4bdcd239cd0d211870064f9481caea7191febf67aa4301671d64ec6e8d4
bcf3774f56c33823d0ad4bb0c67fb56cf4196648d597e86c5d3d42ca99ccd343
cc2031848c0a2d938e21abe95b3acec64d5d24472d69259a889a5dc508c8583d
d52a5150edb54fde546e89151c657cbc4f83edb87452f5cd4662feaa006d5540
defe5dde65896a803cbed774d8b136d17cf816be16b18227ff24b007051dbc03
e322190b19607a24bc2e50477ebf423769e61fd20628bd835984c95ea41705f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53c146652690bc65834dd5916dac1feb2d826581006dc50bf2373234eb8073e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa26b15f22e1aa95c836e1b09c3b28bd01bee9de6f51987a4a8640cb25218fcd

dx.healthcasts.com Open in urlscan Pro 3.12.65.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

60 %IPv6

19 Domains

22 Subdomains

20 IPs

3 Countries

2504 kBTransfer

8200 kBSize

17 Cookies

3 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dx.healthcasts.com Open in urlscan Pro
3.12.65.200 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

60 %
IPv6

19
Domains

22
Subdomains

20
IPs

3
Countries

2504 kB
Transfer

8200 kB
Size

17
Cookies

57 HTTP transactions
1 data transactions