within-health.aperohealth.com Open in urlscan Pro
2606:4700:20::ac43:472d  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response within-health.aperohealth.com/	6 KB 3 KB	469ms 355ms	Document text/html	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d19883400b98f241a71c4794af54475479acfe2126d3e1a768ae58348758eb4e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control public, max-age=0, s-maxage=300 cf-cache-status DYNAMIC cf-ray 895440be6bd69c00-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 17 Jun 2024 16:00:30 GMT last-modified Mon, 17 Jun 2024 12:31:11 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPfFDreEBzXk4XBbdGnKrMk13JS%2BJVfVBcyXjWqFaxJVM2SEr2WcwCotrlbvPFfBwN%2BYB43GAGvBwxp7%2FJA%2B66muLUYleekZGIGeq%2BrysLbRJzY2%2FYS9YtaLxHoktlP09g%2B3BFFtABKn88G7GgdzhxrLIhNsD5PzDMy4"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Accept-Encoding x-content-type-options nosniff
GET H2	200	uicons-regular-straight.css within-health.aperohealth.com/uicons/css/	68 KB 9 KB	370ms 369ms	Stylesheet text/css	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/uicons/css/uicons-regular-straight.css Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 62e8b320089fb6d1e3119265aa7ef7bb9e59c9182377371c9a94fc1b10d34130 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Jun 2024 12:31:11 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "10e8a3fe546f03e708ef279fffa5ab87" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK%2Bz7Tn1p35%2BTlN9x3TESY1XX8%2FMfqnP41dTb7nCocUWplWZBj23O4WZL7ORyIKMQZwu8cLxTJDUlGC73sYaRCdVIZlXi8m0oYbbsubjDJqidshXC9KKN2tPJYQIK9eJHcZ8b7EkNDiFToImgn%2BZX0MUfPrXEGc7%2BAig"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control public, max-age=14400, s-maxage=300 cf-ray 895440c0bfc49c00-FRA
GET H2	200	/ Show response js.stripe.com/v3/	613 KB 150 KB	173ms 49ms	Script text/javascript	99.86.4.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-122.fra6.r.cloudfront.net Software Cloudfront / Resource Hash cd580eb4a53f0e3009ff27c4afd31a4b46f2137b226440353b48d26bf00cc37a Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:27 GMT content-encoding br via 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 4 x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront last-modified Fri, 14 Jun 2024 20:40:45 GMT server Cloudfront etag W/"3d8a160e161dc972aeab4614778485ee" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id dY_HcS1QglCWJ8Ikk8pu2tckxZ6d9qr5JmfGb9H4RyeiXaEL5K5LpQ==
GET H2	200	index.5e2065ea.js Show response within-health.aperohealth.com/assets/	12 MB 3 MB	329ms 329ms	Script application/javascript	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/assets/index.5e2065ea.js Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74893ddd8c4a862a80c3b12fca2f9c868cd9f9fd8db8ead32c185d475c32cdc8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Origin https://within-health.aperohealth.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Jun 2024 12:31:10 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "c8c84b39207f20bb2c6f0d2cbc7e1df7-2" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qptC%2Fp3Erbl41nqN8PwDd3cO%2FfwnuG2r6d0i8aO3qu0NXhfORWlDiIuy8GzmFo8LIT2emCsoOlZG70kpUv3INTbyZinSiYMpKORsVwQIBute5ifit64d1qzl8Axo7lGFGoZozkiTuSbZjdmjmU3fGkiI4vUWq43bLgoX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=14400, s-maxage=300 cf-ray 895440c0bfcb9c00-FRA
GET H2	200	index.9d10f712.css within-health.aperohealth.com/assets/	546 KB 85 KB	372ms 372ms	Stylesheet text/css	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/assets/index.9d10f712.css Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84170ff8c0f7b6d69a7f0af109d30018f96ecc85a46aad9a71e3d3f9d51210fb Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:31 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Jun 2024 12:31:10 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ec95d2e3d9d8ea409334e31fbe7bca6" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2t9LRFvPEKoSPT2Uagau9b64jItfMuxK36XsZXIAa%2BRX93Zoh0LymcuzJBS650NdqZ5%2BeKmewOEX8%2FIkr7XZ%2Bw%2B1WsIXA4rjRUZmzTJQ5T8sPyXpBMbD%2FKAdqaRDDJtf3WNvwUbZk590R2UvGXepJQtYOPqpEr1gJHO"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control public, max-age=14400, s-maxage=300 cf-ray 895440c0bfc59c00-FRA
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	219ms 114ms	Script text/javascript	2606:4700::6810:5049 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Origin https://within-health.aperohealth.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:31 GMT content-encoding gzip last-modified Thu, 06 Jun 2024 15:52:56 GMT server cloudflare etag W/"2024.6.1" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 895440c3f98b366b-FRA
GET H2	200	mixpanel-2-latest.min.js Show response cdn4.mxpnl.com/libs/	55 KB 19 KB	351ms 41ms	Script text/javascript	35.186.235.23 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 23.235.186.35.bc.googleusercontent.com Software UploadServer / Resource Hash 395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 15:58:06 GMT content-encoding gzip age 145 x-guploader-uploadid ABPtcPpkIgRb2_WKns-Z1im73gbL1YvOWZxUTd-XTpOFRsn50hX8mfgo2gQHG74YChRy-rjkjDU x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18820 last-modified Fri, 07 Jun 2024 18:57:45 GMT server UploadServer etag "0f8e1f29672ad8af54e7b02671b3de79" vary Accept-Encoding x-goog-generation 1717786665797756 x-goog-hash crc32c=gzfIUg==, md5=D44fKWcq2K9U57AmcbPeeQ== access-control-allow-origin * content-type text/javascript cache-control public,max-age=600 x-goog-stored-content-length 18820 accept-ranges bytes expires Mon, 17 Jun 2024 16:08:06 GMT
GET H2	200	uicons-regular-straight.css cdn-uicons.flaticon.com/uicons-regular-straight/css/	144 KB 19 KB	234ms 47ms	Stylesheet text/css	2a02:26f0:480:33::212:40df AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cdn-uicons.flaticon.com/uicons-regular-straight/css/uicons-regular-straight.css Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/assets/index.9d10f712.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:480:33::212:40df Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f56f919d4f017bd5812bde9c6464367869b4425eba32cb0669c9684eb00d85f5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:31 GMT content-encoding gzip x-goog-metageneration 1 x-goog-stored-content-encoding identity content-length 19257 pragma public last-modified Mon, 18 Sep 2023 13:49:04 GMT etag "bb8fec66356c7c1850d307e4e6fab060" vary Accept-Encoding x-goog-generation 1695044944878254 content-type text/css access-control-allow-origin * x-default-rule YES cache-control public, max-age=31536000 x-goog-stored-content-length 147097 x-amz-checksum-crc32c UXgb5A== accept-ranges bytes x-amz-meta-x-goog-reserved-source-generation 1683876077183231 expires Tue, 17 Jun 2025 16:00:31 GMT
GET H2	200	chat.bundle.js Show response chat-assets.frontapp.com/v1/	22 KB 6 KB	145ms 42ms	Script application/javascript	13.224.189.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat-assets.frontapp.com/v1/chat.bundle.js Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 76764f584c5ee122fb3f983356735b37ebd5d2f5258729babf0969a311ceab2b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform "Win32" Response headers x-amz-version-id HcuGAF_wQ2LROBqHQUAU3h9u4LFPYAIn content-encoding gzip via 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront) date Mon, 17 Jun 2024 15:59:18 GMT x-amz-cf-pop FRA2-C1 age 74 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 13 Jun 2024 22:33:55 GMT server AmazonS3 etag W/"3e111f63e1a6b9cf63607b6c080d6ca9" vary Accept-Encoding content-type application/javascript cache-control max-age=600, must-revalidate x-amz-cf-id CIqSN4njJWDbZeXyt8clDTLsC6iWs0rDc8ZCttetqAfK5iZJ_DgbNg== expires Thu, 13 Jun 2024 22:43:54 GMT
OPTIONS		graphql api-app.aperohealth.com/ Frame	0 0
OPTIONS H2	200	graphql api-app.aperohealth.com/ Frame	0 0	2154ms 2015ms	Preflight text/html	2606:4700:20::681a:9af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-app.aperohealth.com/graphql? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://within-health.aperohealth.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers accept, authorization, content-type, user-agent, x-csrftoken, x-requested-with, recent-activity, organization, Client-Version access-control-allow-methods DELETE, GET, OPTIONS, PATCH, POST, PUT access-control-allow-origin https://within-health.aperohealth.com access-control-max-age 86400 cf-cache-status DYNAMIC cf-ray 895440cf4f2391f5-FRA content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin date Mon, 17 Jun 2024 16:00:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PqnmwjC8T06y2VgKYsOk3fNcX4H42c1meUkZOUPmN4y%2FA98bnTAfieE7%2FJKMlqgqtpTnl7YtIGuETCFlq6Ub44pteo%2FFmwoTUaRXKuGFJ%2B%2FGaFfl1p4c%2B2tQfzvsCKEsWMlWg1T7e8LsCstS%2Bxd5XyjPnSZ"}],"group":"cf-nel","max_age":604800} server cloudflare vary origin x-cloud-trace-context cfd3e13a14bc4c6b279889aa177501ab x-content-type-options nosniff
POST		graphql api-app.aperohealth.com/	0 0
POST H2	200	graphql Show response api-app.aperohealth.com/	777 B 1 KB	1422ms 1338ms	Fetch application/json	2606:4700:20::681a:9af CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-app.aperohealth.com/graphql? Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/assets/index.5e2065ea.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9af , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 827650c5603a7401f7d07b109e8af74172ebcebfa25d5dd2ed5e182cc8d1a320 Security Headers Name Value Content-Security-Policy default-src 'self'; font-src 'self' https://storage.googleapis.com/apero/static/ https://fonts.googleapis.com/ https://fonts.googleapis.com/css2; img-src 'self' https://www.gravatar.com/avatar/ https://storage.googleapis.com/apero/static/ https://storage.googleapis.com/apero/icons/ https://storage.googleapis.com/apero-usercontent/ https://storage.googleapis.com/apero-usercontent-dev/; frame-ancestors 'self' treatmyocd.com https://app.aperohealth.com https://apero.dev https://app.apero.dev https://apero.us https://app.apero.us; script-src 'self' https://storage.googleapis.com/apero/static/; style-src 'self' https://storage.googleapis.com/apero/static/ X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json accept */* Referer https://within-health.aperohealth.com/ sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:36 GMT content-security-policy default-src 'self'; font-src 'self' https://storage.googleapis.com/apero/static/ https://fonts.googleapis.com/ https://fonts.googleapis.com/css2; img-src 'self' https://www.gravatar.com/avatar/ https://storage.googleapis.com/apero/static/ https://storage.googleapis.com/apero/icons/ https://storage.googleapis.com/apero-usercontent/ https://storage.googleapis.com/apero-usercontent-dev/; frame-ancestors 'self' treatmyocd.com https://app.aperohealth.com https://apero.dev https://app.apero.dev https://apero.us https://app.apero.us; script-src 'self' https://storage.googleapis.com/apero/static/; style-src 'self' https://storage.googleapis.com/apero/static/ x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br referrer-policy same-origin server cloudflare cross-origin-opener-policy same-origin vary Cookie, origin report-to {"group":"default","max_age":31536000,"endpoints":[{"url":"https://apero.report-uri.com/a/d/g"}],"include_subdomains":true} content-type application/json access-control-allow-origin https://within-health.aperohealth.com x-cloud-trace-context 0558e05182aeddd5da5f11b6f40069f5 x-frame-options SAMEORIGIN access-control-allow-credentials true cache-control private cf-ray 895440dc7e60920b-FRA expires Mon, 17 Jun 2024 16:00:36 GMT
GET H2	200	client Show response accounts.google.com/gsi/	219 KB 83 KB	191ms 82ms	Script application/javascript	2a00:1450:400c:c07::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: within-health.aperohealth.com URL: https://within-health.aperohealth.com/assets/index.5e2065ea.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2c09532d11c9227fc67f94f8247ba2f43a7ef75824839666aec7ad27c2aa4cd8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-oosQ5QpSU8BQcxTQDixmog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:33 GMT content-security-policy script-src 'report-sample' 'nonce-oosQ5QpSU8BQcxTQDixmog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http content-encoding gzip x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} content-type application/javascript; charset=utf-8 cache-control private, max-age=1800 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" expires Mon, 17 Jun 2024 16:00:33 GMT
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html js.stripe.com/v3/ Frame FD3B	0 0	176ms 99ms	Document text/html	99.86.4.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-9.fra6.r.cloudfront.net Software Cloudfront / Resource Hash Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://within-health.aperohealth.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes access-control-allow-origin * age 2582 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 17 Jun 2024 15:17:32 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Thu, 30 May 2024 20:04:59 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront) x-amz-cf-id 34XvDDS0w9H5MfOP6zGOCUuZiJlYgQg9Bjosp62MT_V9oxoRdRhhcQ== x-amz-cf-pop FRA6-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	204	rum Show response within-health.aperohealth.com/cdn-cgi/	0 191 B	49ms 48ms	XHR text/plain	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json Response headers date Mon, 17 Jun 2024 16:00:33 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://within-health.aperohealth.com x-frame-options DENY access-control-allow-credentials true cf-ray 895440d3fff99c00-FRA
GET H2	200	favicon.ico within-health.aperohealth.com/	14 KB 12 KB	377ms 376ms	Other image/vnd.microsoft.icon	2606:4700:20::ac43:472d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://within-health.aperohealth.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:472d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fd4b9cefa089c98dc666853a5bfee731f8bc8f18bb227231f83901bf796eb84 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://within-health.aperohealth.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 17 Jun 2024 16:00:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status MISS last-modified Mon, 17 Jun 2024 12:31:10 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2c2b28216efbf6970835d3f52d789d18" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2LDgL8bifl%2FLd3Dz5yixyv%2Fyy9r5j2LOmzIikJHMDwF0YddKdpuod5hGnl7jxmxC8AlDtHxjrExkVuqlsdFCAXYZzyt4khHXOmHlUnL07q6CEN%2Bh0g4sXKdKVaTUe83I0KscC53qA19AVZZze7oO3T8kVfvzOfBZddE"}],"group":"cf-nel","max_age":604800} content-type image/vnd.microsoft.icon cache-control public, max-age=14400, s-maxage=300 cf-ray 895440d408129c00-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api-app.aperohealth.com

URL

https://api-app.aperohealth.com/graphql?

Domain

api-app.aperohealth.com

URL

https://api-app.aperohealth.com/graphql?

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| mixpanel object| webpackChunkStripeJSouter function| noop function| Stripe object| __frontCmdQueue function| FrontChat object| process object| __APOLLO_CLIENT__ object| __core-js_shared__ object| Prism object| ace object| __REACT_INTL_CONTEXT__ object| __cfBeacon object| default_gsi object| _F_toggles object| google object| closure_lm_905332

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.aperohealth.com/	1970-01-21 06:09:36	Name: mp_7ab236130e60284f22974a965eae257f_mixpanel Value: %7B%22distinct_id%22%3A%20%22%24device%3A19026edb7714f6-005ca744f149d2-26001f51-1d4c00-19026edb7714f6%22%2C%22%24device_id%22%3A%20%2219026edb7714f6-005ca744f149d2-26001f51-1d4c00-19026edb7714f6%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
			m.stripe.com/	1970-01-21 07:00:00	Name: m Value: fc26b87a-cd6a-42f2-9b21-bdb3f12666e28669b6
			.within-health.aperohealth.com/	1970-01-21 06:09:36	Name: __stripe_mid Value: 45719db0-d61d-4985-8d5c-7f3a5f5b6ae090d512
			.within-health.aperohealth.com/	1970-01-20 21:24:01	Name: __stripe_sid Value: a5fc99df-0530-48bc-9823-df73f9b9b74cf90742
			api-app.aperohealth.com/	1970-01-21 06:08:09	Name: csrftoken Value: mE4PRVDiG6sHm7DMpudIPVU0y8xEw66Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://within-health.aperohealth.com/(Line 131) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://chat-assets.frontapp.com/v1/chat.bundle.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://within-health.aperohealth.com/(Line 131) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://chat-assets.frontapp.com/v1/chat.bundle.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-app.aperohealth.com
cdn-uicons.flaticon.com
cdn4.mxpnl.com
chat-assets.frontapp.com
js.stripe.com
static.cloudflareinsights.com
within-health.aperohealth.com
api-app.aperohealth.com
13.224.189.76
2606:4700:20::681a:9af
2606:4700:20::ac43:472d
2606:4700::6810:5049
2a00:1450:400c:c07::54
2a02:26f0:480:33::212:40df
35.186.235.23
99.86.4.122
99.86.4.9
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
2c09532d11c9227fc67f94f8247ba2f43a7ef75824839666aec7ad27c2aa4cd8
395e1e13608ef6f630c22329001b619f5434fc1eb6567e8d31f600b0fc3c5cc6
5fd4b9cefa089c98dc666853a5bfee731f8bc8f18bb227231f83901bf796eb84
62e8b320089fb6d1e3119265aa7ef7bb9e59c9182377371c9a94fc1b10d34130
74893ddd8c4a862a80c3b12fca2f9c868cd9f9fd8db8ead32c185d475c32cdc8
76764f584c5ee122fb3f983356735b37ebd5d2f5258729babf0969a311ceab2b
827650c5603a7401f7d07b109e8af74172ebcebfa25d5dd2ed5e182cc8d1a320
84170ff8c0f7b6d69a7f0af109d30018f96ecc85a46aad9a71e3d3f9d51210fb
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
cd580eb4a53f0e3009ff27c4afd31a4b46f2137b226440353b48d26bf00cc37a
d19883400b98f241a71c4794af54475479acfe2126d3e1a768ae58348758eb4e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f56f919d4f017bd5812bde9c6464367869b4425eba32cb0669c9684eb00d85f5