my.natera.com Open in urlscan Pro
2a02:26f0:7100::210:158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://my.natera.com/
Submission: On October 12 via manual (October 12th 2024, 12:18:50 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2a02:26f0:7100::210:158, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is my.natera.com. The Cisco Umbrella rank of the primary domain is 514508.
TLS certificate: Issued by R11 on September 16th 2024. Valid for: 3 months.

This is the only time my.natera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a02:26f0:710... 2a02:26f0:7100::210:158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
3	2.17.100.241 2.17.100.241	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.160.150.112 3.160.150.112	16509 (AMAZON-02) (AMAZON-02)
2	54.198.247.38 54.198.247.38	14618 (AMAZON-AES) (AMAZON-AES)
14	5

7 2a02:26f0:7100::210:158 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

my.natera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.100.241 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-241.deploy.static.akamaitechnologies.com

my.natera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-112.fra60.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.198.247.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-247-38.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	natera.com my.natera.com — Cisco Umbrella Rank: 514508	3 MB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 852 heapanalytics.com — Cisco Umbrella Rank: 666	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
14	3

	Domain	Requested by
10	my.natera.com	my.natera.com
2	heapanalytics.com
1	cdn.heapanalytics.com	my.natera.com
1	fonts.googleapis.com	my.natera.com
14	4

This site contains links to these domains. Also see Links.

Domain
www.natera.com

Subject Issuer	Validity	Valid
my.natera.com R11	`2024-09-16` - `2024-12-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M02	`2024-05-29` - `2025-06-26`	a year	crt.sh
heapanalytics.com Amazon RSA 2048 M03	`2024-10-10` - `2025-11-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://my.natera.com/
Frame ID: 592847ADB3E8C75574AD999040CC5162
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unified patient portal

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Page Statistics

14
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

2617 kB
Transfer

8269 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.natera.com/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.natera.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
my.natera.com/ 5 KB
3 KB 943ms
803ms Document
text/html 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

955966856499491d0d3fcb625bb3a5aef301ad896577fda49ed83a75a3f57090

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 2624
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
content-type: text/html
date: Sat, 12 Oct 2024 00:18:45 GMT
etag: "66ebe8ea-50b"
expires: Sat, 12 Oct 2024 00:18:45 GMT
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server-timing: cdn-cache; desc=MISS edge; dur=734 origin; dur=13 ak_p; desc="1728692324411_34603348_137773764_74761_6409_38_53_255";dur=1
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 1291 0 pmb=mRUM,1
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 1
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 124ms
40ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Flex:wght@100;300;400;500;700;900&display=swap

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77c2bb3f388c3b39151eab886233d2dc5bd3df3a5db6b46ad25593c02e3a48e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 12 Oct 2024 00:18:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 12 Oct 2024 00:18:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 RobotoFlex-Variable.woff2
my.natera.com/dist/fonts/ 5 KB
3 KB 107ms
105ms Font
text/html 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/dist/fonts/RobotoFlex-Variable.woff2

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2cc96740652e16276863c625a09737e9ad7efeac786e97d5777edd3c2d171df7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://my.natera.com
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-50b"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-akamai-transformed: 9 - 0 pmb=mRUM,1
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325279_34603348_137774408_21_4153_36_0_219";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: text/html
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=2041900
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 2622

GET
H2 200 heapAnalytics.js Show response
my.natera.com/scripts/ 620 B
1 KB 100ms
100ms Script
application/javascript 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/scripts/heapAnalytics.js

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

317f0d6961ba8a25d698036864997555ec0a8f35f3d96229160b7ee7f94be044

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-26c"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325297_34603348_137774420_263_4282_36_0_146";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=212416
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 378

GET
H2 200 396.ee538446dd939f8cf697.js Show response
my.natera.com/ 4 MB
1016 KB 99ms
98ms Script
application/javascript 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/396.ee538446dd939f8cf697.js

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96f36565c02c3b0c02f13e4729ce67654b2ed22f3623c3a860d3a96adb9cb228

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-4246e5"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325297_34603348_137774421_270_4281_36_0_146";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=461683
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 1038479

GET
H2 200 main.b5a7ba4473729af0328e.js Show response
my.natera.com/ 2 MB
747 KB 158ms
158ms Script
application/javascript 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/main.b5a7ba4473729af0328e.js

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f39b9ca5304758646bccaba437fe9c632e8c8755280dda5634586243dc4da4c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-23a65b"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325297_34603348_137774422_270_4261_36_0_146";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=395140
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 763996

GET
H2 200 396.407189da7caf74932f96.css
my.natera.com/ 83 KB
10 KB 41ms
40ms Stylesheet
text/css 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/396.407189da7caf74932f96.css

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e200fd491da5fc147e645a08dee6c6d853d3a7452e63d2a7f8a7ed8235d193fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-14dbd"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325279_34603348_137774406_23_4119_36_0_255";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=422773
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 9458

GET
H2 200 main.cba878f5b44773be9af3.css
my.natera.com/ 783 KB
80 KB 47ms
47ms Stylesheet
text/css 2a02:26f0:7100::210:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/main.cba878f5b44773be9af3.css

Requested by

Host: my.natera.com
URL: https://my.natera.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::210:158 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5f6eb78a0ffdac570b3c54852d52823e6cbc88d2da13167446c1771a55b845d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66ebe8ea-c3c58"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1728692325279_34603348_137774407_33_4098_36_0_255";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:45 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=212431
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
accept-ranges: bytes
content-length: 81367

GET
H3 200 RobotoFlex-Variable.woff2
my.natera.com/fonts/ 711 KB
711 KB 71ms
70ms Font
font/woff2 2.17.100.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/fonts/RobotoFlex-Variable.woff2

Requested by

Host: my.natera.com
URL: https://my.natera.com/main.cba878f5b44773be9af3.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2.17.100.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c34dd000d5be8aa8276b67ad09dd86ff0547256ef8d7980c4af05ef881e4289

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://my.natera.com
Referer: https://my.natera.com/main.cba878f5b44773be9af3.css

Response headers

etag: "66ebe8ea-b1c20"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1728692325340_34694381_267440133_878_13979_-_-_-";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:46 GMT
content-type: font/woff2
last-modified: Thu, 19 Sep 2024 09:03:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=751046
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
quic-version: 0x00000001
accept-ranges: bytes
content-length: 728096

GET
H3 200 favicon.ico
my.natera.com/ 15 KB
4 KB 275ms
275ms Other
image/x-icon 2.17.100.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.natera.com/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

2.17.100.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-241.deploy.static.akamaitechnologies.com

Software

Resource Hash

8bbe69c4ac0d943fe09ff6a6a5e82c7a40330c24abec63210349d45ef9b96b9f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: gzip
etag: "66be188d-3aee"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="1728692326194_34694381_267440136_374_18208_-_-_-";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:46 GMT
content-type: image/x-icon
last-modified: Thu, 15 Aug 2024 15:02:37 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=2592000; includeSubDomains
content-security-policy: script-src 'self' blob: https: http://*.wistia.net http://*.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://*.wistia.com http://*.wistia.net; media-src 'self' blob: https: http://*.wistia.net http://*.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://*.wistia.net http://*.wistia.com
cache-control: max-age=204031
x-envoy-upstream-service-time: 1
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
quic-version: 0x00000001
accept-ranges: bytes
content-length: 4108

GET
H3 200 config Show response
my.natera.com/ 4 KB
2 KB 550ms
550ms Fetch
application/json 2.17.100.241
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://my.natera.com/config
Requested by: Host: my.natera.com
URL: https://my.natera.com/main.b5a7ba4473729af0328e.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2.17.100.241 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-241.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 58833c3c81fcb4c30f8ca49c114da7ac1dd99e3a725f7c6a05a6885c4854e6f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

ratelimit-policy: 1000;w=10
ratelimit-remaining: 983
content-encoding: gzip
etag: W/"e4f-gzhHo78WEa1pa+WfxBcR9KM74TU"
ratelimit-reset: 7
expires: Sat, 12 Oct 2024 00:18:46 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=466, origin; dur=14, ak_p; desc="1728692326265_34694381_267440307_48059_16220_-_-_-";dur=1
alt-svc: h3=":443"; ma=93600
date: Sat, 12 Oct 2024 00:18:46 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 3
pragma: no-cache
ratelimit-limit: 1000
quic-version: 0x00000001
access-control-allow-origin: *
content-length: 1531

GET
H2 200 heap-1585683043.js Show response
cdn.heapanalytics.com/js/ 117 KB
38 KB 263ms
152ms Script
application/javascript 3.160.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-1585683043.js

Requested by

Host: my.natera.com
URL: https://my.natera.com/scripts/heapAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.160.150.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-150-112.fra60.r.cloudfront.net

Software

nginx / Express

Resource Hash

c301e1abc26dd20c08284c5e70b1bc72e7b12f84e1beed786e5b03c26c21b386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

content-encoding: br
etag: W/"1d4bc-VFiMqpxt9FLZ6v3gfzRKZ8nPXDY"
age: 56
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 938f3YEnwt6lYq1wjncLNMcaH1EUQSL8YNuVB5n7ieYAFB-upHRlWA==
date: Sat, 12 Oct 2024 00:17:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=120
cross-origin-resource-policy: cross-origin
via: 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-powered-by: Express
server: nginx

GET
H2 200 telemetry
heapanalytics.com/api/ 32 B
234 B 445ms
142ms Image
image/gif 54.198.247.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=1585683043&te=type&te=data&te=cm&te=resetIdentityTelemetry%20-%20anonymous%20user&st=1728692327101&hv=4.23.4&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.198.247.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-247-38.compute-1.amazonaws.com

Software

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 32
date: Sat, 12 Oct 2024 00:18:47 GMT
pragma: no-cache
content-type: image/gif

GET
H2 200 h
heapanalytics.com/ 37 B
377 B 435ms
143ms Image
image/gif 54.198.247.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=1585683043&u=7891165388823072&v=7752740452844563&s=766622250979733&b=web&tv=4.0&z=0&h=%2F&d=my.natera.com&t=Unified%20patient%20portal&ts=1728692327108&sch=1200&scw=1600&st=1728692327113&lv=4.23.4&ld=cdn.heapanalytics.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.198.247.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-198-247-38.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://my.natera.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma: no-cache
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
access-control-allow-methods: POST, PUT, GET
access-control-allow-origin: *
content-length: 37
date: Sat, 12 Oct 2024 00:18:47 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.natera.com/	1970-01-21 09:39:29	Name: _hp2_id.1585683043 Value: %7B%22userId%22%3A%227891165388823072%22%2C%22pageviewId%22%3A%227752740452844563%22%2C%22sessionId%22%3A%22766622250979733%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.natera.com/	1970-01-21 00:11:34	Name: _hp2_ses_props.1585683043 Value: %7B%22ts%22%3A1728692327108%2C%22d%22%3A%22my.natera.com%22%2C%22h%22%3A%22%2F%22%7D
my.natera.com/	1970-01-21 00:11:33	Name: _dd_s Value: rum=0&expire=1728693226825

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://my.natera.com/(Line 14) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com". Either the 'unsafe-inline' keyword, a hash ('sha256-duDSaQ4hrSn5jIZ4l3+ehlUu7K/QGZQF5SFFEvJk9Kc='), or a nonce ('nonce-...') is required to enable inline execution.
other	warning	URL: https://my.natera.com/ Message: Failed to decode downloaded font: https://my.natera.com/dist/fonts/RobotoFlex-Variable.woff2
other	warning	URL: https://my.natera.com/ Message: OTS parsing error: invalid sfntVersion: 1008821359
other	warning	URL: https://my.natera.com/ Message: Failed to decode downloaded font: https://my.natera.com/dist/fonts/RobotoFlex-Variable.woff2
other	warning	URL: https://my.natera.com/ Message: OTS parsing error: invalid sfntVersion: 1008821359

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' blob: https: http://.wistia.net http://.cloudflare.com; default-src 'self' https:; style-src 'self' https: 'unsafe-inline'; img-src 'self' data: https: http://.wistia.com http://.wistia.net; media-src 'self' blob: https: http://.wistia.net http://.wistia.com; font-src 'self' data: https:; frame-src 'self' https:; worker-src 'self' blob: https:; connect-src 'self' https: http://.wistia.net http://.wistia.com
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
fonts.googleapis.com
heapanalytics.com
my.natera.com
2.17.100.241
2a00:1450:4001:81d::200a
2a02:26f0:7100::210:158
3.160.150.112
54.198.247.38
2cc96740652e16276863c625a09737e9ad7efeac786e97d5777edd3c2d171df7
317f0d6961ba8a25d698036864997555ec0a8f35f3d96229160b7ee7f94be044
58833c3c81fcb4c30f8ca49c114da7ac1dd99e3a725f7c6a05a6885c4854e6f0
5f6eb78a0ffdac570b3c54852d52823e6cbc88d2da13167446c1771a55b845d0
6c34dd000d5be8aa8276b67ad09dd86ff0547256ef8d7980c4af05ef881e4289
77c2bb3f388c3b39151eab886233d2dc5bd3df3a5db6b46ad25593c02e3a48e3
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8bbe69c4ac0d943fe09ff6a6a5e82c7a40330c24abec63210349d45ef9b96b9f
955966856499491d0d3fcb625bb3a5aef301ad896577fda49ed83a75a3f57090
96f36565c02c3b0c02f13e4729ce67654b2ed22f3623c3a860d3a96adb9cb228
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c301e1abc26dd20c08284c5e70b1bc72e7b12f84e1beed786e5b03c26c21b386
e200fd491da5fc147e645a08dee6c6d853d3a7452e63d2a7f8a7ed8235d193fa
f39b9ca5304758646bccaba437fe9c632e8c8755280dda5634586243dc4da4c8

my.natera.com Open in urlscan Pro 2a02:26f0:7100::210:158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

40 %IPv6

3 Domains

4 Subdomains

5 IPs

2 Countries

2617 kBTransfer

8269 kBSize

3 Cookies

2 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

5 Console Messages

Security Headers

Indicators

my.natera.com Open in urlscan Pro
2a02:26f0:7100::210:158 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

40 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

2617 kB
Transfer

8269 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions