urlscan.io logo urlscan.io
SecurityTrails logo

app.user.com Open in urlscan Pro
2606:4700:10::6816:225c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mercyhealth.user.com/
Effective URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Submission: On August 12 via manual from AU — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 54 HTTP transactions. The main IP is 2606:4700:10::6816:225c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.user.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 12th 2022. Valid for: a year.
This is the only time app.user.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    51.91.31.155 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3151945.ip-51-91-31.eu
mercyhealth.user.com
21    2606:4700:10::6816:225c (United States)

ASN13335 (CLOUDFLARENET, US)
app.user.com
register-static.user.com
support.user.com
widget.user.com
media.user.com
6    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700:10::ac43:2592 (United States)

ASN13335 (CLOUDFLARENET, US)
register-static.user.com
support.user.com
6    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    147.182.134.226 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
product-data.user.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    51.77.134.129 (France)

ASN16276 (OVH, FR)
PTR: ns3137032.ip-51-77-134.eu
eu.user.com
1    2606:4700:20::681a:164 (United States)

ASN13335 (CLOUDFLARENET, US)
app.userengage.com
Apex Domain
Subdomains		 Transfer
32 user.com
mercyhealth.user.com
app.user.com
register-static.user.com
support.user.com
widget.user.com — Cisco Umbrella Rank: 123754
product-data.user.com
media.user.com — Cisco Umbrella Rank: 189401
eu.user.com — Cisco Umbrella Rank: 347878
1 MB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
545 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 10
42 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
region1.google-analytics.com — Cisco Umbrella Rank: 2742
66 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
212 KB
1 userengage.com
app.userengage.com
524 B
1 google.fr
www.google.fr — Cisco Umbrella Rank: 13266
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
440 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1249
5 KB
54 9
Domain Requested by
9 register-static.user.com app.user.com
register-static.user.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 www.google.com app.user.com
www.gstatic.com
www.google.com
5 widget.user.com support.user.com
5 support.user.com app.user.com
support.user.com
4 media.user.com app.user.com
3 product-data.user.com app.user.com
product-data.user.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com app.user.com
www.googletagmanager.com
3 app.user.com app.user.com
static.cloudflareinsights.com
2 fonts.gstatic.com www.google.com
2 region1.google-analytics.com www.googletagmanager.com
2 mercyhealth.user.com 2 redirects
1 app.userengage.com 1 redirects
1 eu.user.com 1 redirects
1 www.google.fr app.user.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.cloudflareinsights.com app.user.com
54 18

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
product-data.user.com
R3		 2022-08-08 -
2022-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Frame ID: B382AAA118BF352ACE75640B309A7B04
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Frame ID: 144EDB0D800908E905F6D758C279872A
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=n5dcig4rfe6c
Frame ID: 0EDED15EAE7A85322FF43080458A8815
Requests: 3 HTTP requests in this frame

Frame: https://media.user.com/avatars/qoDE96B9evRkqdCyBBqEGlns5YYX3prB.jpg
Frame ID: D9878EB344D8CC4098FE9FF3B3452563
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

User.com | Login - User.com

Page URL History Show full URLs

  1. http://mercyhealth.user.com/ HTTP 301
    https://mercyhealth.user.com/ HTTP 302
    https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

96 %
HTTPS

80 %
IPv6

9
Domains

18
Subdomains

12
IPs

4
Countries

2319 kB
Transfer

5818 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mercyhealth.user.com/ HTTP 301
    https://mercyhealth.user.com/ HTTP 302
    https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg HTTP 301
  • https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Request Chain 52
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png HTTP 301
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.user.com/accounts/login/
Redirect Chain
  • http://mercyhealth.user.com/
  • https://mercyhealth.user.com/
  • https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52d559484cf526bb0a5ac6fb1514049fafc8192a82064cdb81f861dc9d84792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
cf-cache-status
DYNAMIC
cf-ray
739674540f5976ba-LHR
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:26:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Fri, 12 Aug 2022 04:26:43 GMT
referrer-policy
same-origin
server
cloudflare
ue-backend
wsgi-register
ue-node
uwsgi-regiser1
vary
Cookie, Accept-Language, Origin
x-content-type-options
nosniff
x-frame-options
DENY

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:26:43 GMT
location
https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
referrer-policy
same-origin
server
nginx
ue-backend
tenants
ue-node
apinode1
vary
Cookie, Origin
x-content-type-options
nosniff
x-frame-options
DENY
/
app.user.com/jsi18n/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.user.com/jsi18n/
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c72942c566e907d892ed337f47c5a8c5c737aeb6242a16a79fb3ee3fe481ee11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
referrer-policy
same-origin
cf-cache-status
DYNAMIC
content-type
text/javascript; charset="utf-8"
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-language
en-us
ue-backend
wsgi-register
vary
Accept-Language, Cookie, Origin
ue-node
uwsgi-regiser1
cf-ray
73967454cfc476ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-content-type-options
nosniff
main.a31ee44e7fef7898cc3e.css
register-static.user.com/static/bundles/ 		792 KB
330 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
age
50256
cf-polished
origSize=923898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FFH2QVKSW0X2C61C
x-amz-id-2
GQ2IN1AfT54sqh+dn4hi+fdK73jOgZ2fzgIndnaFO10qW2KznT6Jvin7i74YIF9vd2EVGCgCyVA=
last-modified
Tue, 01 Feb 2022 07:36:23 GMT
server
cloudflare
etag
W/"4a5449e2ee2834089b79fed0961f9496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
cf-ray
73967454dfd076ba-LHR
cf-bgj
minify
widget.js
support.user.com/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://support.user.com/widget.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b882d62cb9b21e8457687e877d626d57c4731dfc1071438bd3885c0a626f7bed

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
age
67466
ue-backend
widget
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
etag
W/"62e22a17-25503"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
ue-node
widget2
cf-ray
73967454dfd276ba-LHR
cf-bgj
minify
register.a4d01e980448fd7aaf07.css
register-static.user.com/static/bundles/ 		383 KB
266 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/bundles/register.a4d01e980448fd7aaf07.css
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50f24e413a49131fa1f247c1ec68adaa5833314cd73c903967e09a6dc3025823

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
age
60934
cf-polished
origSize=402643
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
RJQSF37QQW3YAT87
x-amz-id-2
Uk2CgC1MrIK1WajdRTtjjVPMaj9xiZGrgBrnywVTXdJjq/5/xNRqNF+UMm5qkfM/6bd+axv3g4aTCJnVQREfWg==
last-modified
Wed, 16 Feb 2022 07:09:16 GMT
server
cloudflare
etag
W/"d60c8fae29e7d853712dd5e91c66d7d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=432000
cf-ray
73967454dfd176ba-LHR
cf-bgj
minify
logo-black-normal.svg
register-static.user.com/static/img/usercom/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://register-static.user.com/static/img/usercom/logo-black-normal.svg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Feb 2022 07:35:57 GMT
server
cloudflare
age
35954
etag
W/"3338f831a349558bc7d70acf65ae8b44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=432000
cf-ray
739674559866719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
73F2E4BD7FDX3F5Q
x-amz-id-2
hFw9vrPCWHsur6KTIcw/YaO1USu9HqfSw0xCo6QsA/ZzsdDqk5ZDTn4fKd1rpkoQk+EVBe8ci8c=
api.js
www.google.com/recaptcha/ 		884 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2492bb3ef4ff96c91eecb6b3568ce9f74f8ad12c730d09f23f77f902945e5337
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
584
x-xss-protection
1; mode=block
expires
Fri, 12 Aug 2022 04:26:43 GMT
gogle-register%402x.png
register-static.user.com/static/img/brands/google/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://register-static.user.com/static/img/brands/google/gogle-register%402x.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
cf-cache-status
HIT
age
65138
cf-polished
status=cannot_optimize
cf-ray
739674559868719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7446
x-amz-id-2
+8hDmkkV3ETrs6eUqcs+4xLMiHBbu9a5C+pO/OtpGlIsBwe4jRHuTr+vHL3iaa8ErUfqmNXl11g=
last-modified
Tue, 01 Feb 2022 07:35:57 GMT
server
cloudflare
etag
"b6f49555c27bc50bde81836f4feb1155"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
1ZXHQJ3GX9HAADGF
cache-control
max-age=432000
accept-ranges
bytes
content-type
image/png
cf-bgj
imgq:100,h2pri
main.e1629583c45680bc0592.js
register-static.user.com/static/bundles/ 		452 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/bundles/main.e1629583c45680bc0592.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8411a0b4a891adf60b734d191018636467a06c3908bb90964780760971733b2e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
age
65139
cf-polished
origSize=464464
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
66TCFW4FWGKDPZ36
x-amz-id-2
RGHFr8zEt7ocmUzDmA1KKCpBoHw1nI7ldavrYfvx/Q/pbRrPMp9E2145CvWzA0fkMeeL2GT3Czs9JWSkr8Up9Q==
last-modified
Tue, 01 Feb 2022 07:36:23 GMT
server
cloudflare
etag
W/"bc0bc1730a22fe24f8376543a6724840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
73967455784c719c-LHR
cf-bgj
minify
register.4f88bf4f0a93bc741025.js
register-static.user.com/static/bundles/ 		1 MB
423 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/bundles/register.4f88bf4f0a93bc741025.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c729f4f5cd5a1d6390889b5776f253040a5b7d6dc06eb3842d781e039c90779

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
age
8017
cf-polished
origSize=1413235
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
8TAK9W9DMXZ5TH86
x-amz-id-2
NfD+mOQ1LLkumXdnOxukOYWZMMyR2gF5OTQMz5HFHRAMC8hhQmJsrmAnf/CRcT/zeT5O6PpZ0zk=
last-modified
Tue, 22 Feb 2022 07:11:48 GMT
server
cloudflare
etag
W/"f7e6ee4026475a60aa042dadd7f0b78d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
739674559865719c-LHR
cf-bgj
minify
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
Origin
https://app.user.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
73967455e8e3b77f-AMS
gtm.js
www.googletagmanager.com/ 		270 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ed8836c5167039e3cdbdb1c9b58bf850f7d65d603fb66d07b1da672d51aa943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72026
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 12 Aug 2022 04:26:43 GMT
DMSans-Medium.woff2
register-static.user.com/static/fonts/dmsans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/fonts/dmsans/DMSans-Medium.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f

Request headers

Referer
https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Origin
https://app.user.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
50256
cf-ray
73967455ca2976f3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29880
x-amz-id-2
DsApy73vqI8Dm7p6lIJtp4xjXNuT5UM1/I/X/BGLDnQIN4VP2hX/vfxExnVsXdD7dBYILgEuS9A=
last-modified
Tue, 01 Feb 2022 07:35:56 GMT
server
cloudflare
etag
"d940ea16273447cce854f545842768fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
TNY80FB95Z9BC5T8
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-type
application/octet-stream
DMSans-Regular.woff2
register-static.user.com/static/fonts/dmsans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/fonts/dmsans/DMSans-Regular.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308

Request headers

Referer
https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Origin
https://app.user.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
9931
cf-ray
73967455ca2a76f3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29948
x-amz-id-2
wopaHAVCD6jrBCmjBmFeQOm612AFLuFm2dbg+/I8GppWFJ77ILGkKp20XLJflo08HF2ZY3feQaM=
last-modified
Tue, 01 Feb 2022 07:35:56 GMT
server
cloudflare
etag
"7795a419ed60bbfac7070ea410eeae6a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
7HC7CPYCFWGABSAJ
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-type
application/octet-stream
fa-solid-900.woff2
register-static.user.com/static/fonts/ 		63 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://register-static.user.com/static/fonts/fa-solid-900.woff2
Requested by
Host: register-static.user.com
URL: https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad

Request headers

Referer
https://register-static.user.com/static/bundles/main.a31ee44e7fef7898cc3e.css
Origin
https://app.user.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
9931
cf-ray
73967455ca2d76f3-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64428
x-amz-id-2
B7Jn1E04BuOX1rX5M3sofWSvLfbZBZVEhloV4JlCaNpBeV+tZhnyVJfRWWgNNVxl/9QU59VcAto=
last-modified
Tue, 01 Feb 2022 07:35:55 GMT
server
cloudflare
etag
"c4fc4e6d5fcf0af616e6cd6f884b72e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-request-id
CDYTRRBNSJW5Y978
access-control-allow-origin
*
cache-control
max-age=432000
accept-ranges
bytes
content-type
application/octet-stream
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 		388 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81a492d71281f1962a6a6c3c08ea3705d11a20004c5b2d7bac2dbc642a978ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
Origin
https://app.user.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158318
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:57:33 GMT
widget-app.645b1105a7f8bc1ef2dc.js
widget.user.com/ 		92 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-app.645b1105a7f8bc1ef2dc.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ee1603459a9e104bfd5ae028d04e9e73340658d51919da9164ccfbcba33a346

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
age
6944
etag
W/"62e22a17-1702b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
73967457397576ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
optimize.js
www.google-analytics.com/gtm/ 		125 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=GTM-W9RLSSW
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d60629b9848150dc9d917e2cae6b6d566c597bfad4368b8b7b51fe86fea35471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46281
x-xss-protection
0
expires
Fri, 12 Aug 2022 04:26:43 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9238af1802efa3046b3797ceea558ad14ce91d0ea14f81d85827458747f7fce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72417
x-xss-protection
0
expires
Fri, 12 Aug 2022 04:26:43 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1e35df5e7c8a2e6f0357278194d9533c06f7323175ef633652b54d60ae6c6eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72321
x-xss-protection
0
expires
Fri, 12 Aug 2022 04:26:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SBSNG9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
534
date
Fri, 12 Aug 2022 04:17:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 12 Aug 2022 06:17:49 GMT
array.js
product-data.user.com/static/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product-data.user.com/static/array.js
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.182.134.226 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
871d88010fb8d6126b515213d888291bb42774e0443cd11be073e02ec4c8ca18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
gzip
referrer-policy
same-origin
last-modified
Wed, 08 Jun 2022 19:54:55 GMT
server
Caddy, gunicorn
etag
"62a0fe8f-1f85b"
x-frame-options
DENY
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
max-age=60, public
vary
Accept-Encoding
content-length
38901
x-content-type-options
nosniff
anchor
www.google.com/recaptcha/api2/ Frame 144E 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea91d623857ed722c7a8acb7d3d1427995c7aff27fb8f1eac3554a2965ec1c91
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NEr5HtquZXvsjlc4pCM3TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21887
content-security-policy
script-src 'report-sample' 'nonce-NEr5HtquZXvsjlc4pCM3TQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:26:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
anchor
www.google.com/recaptcha/api2/ Frame 0EDE 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=n5dcig4rfe6c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c3553c7bddf746656e8574a8d6ba438f07d619856fb542fe94d6ba4ea2763f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TlFFRMDpxndclhf4_Cx4qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
1037
content-security-policy
script-src 'report-sample' 'nonce-TlFFRMDpxndclhf4_Cx4qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Aug 2022 04:26:43 GMT
expires
Fri, 12 Aug 2022 04:26:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
widget-actionsStore.645b1105a7f8bc1ef2dc.js
widget.user.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-actionsStore.645b1105a7f8bc1ef2dc.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
age
5568
etag
W/"62e22a17-1469"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
73967457aa6c719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
support.user.com/api/v2/user-chatping/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/v2/user-chatping/
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e4aa9eab420dd9f28647bef57982803dbdfa120e8fbf16af42d15e3270ae62d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 04:26:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
same-origin
allow
POST, OPTIONS
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie, Origin
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
ue-node
apinode8
cf-ray
739674582aed719c-LHR
/
support.user.com/api/v2/user-chatping/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/v2/user-chatping/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.user.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app.user.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73967457ac2d76f3-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:26:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ue-backend
tenants
ue-node
apinode5
vary
Origin
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1688314589&t=pageview&_s=1&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fmercyhealth.user.com%2F&ul=en-us&de=UTF-8&dt=User.com%20%7C%20Login%20-%20User.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAAC~&jid=1628231875&gjid=790663253&cid=1615128201.1660278404&tid=UA-100960632-1&_gid=1782285099.1660278404&_r=1&gtm=2wg8805SBSNG9&cd12=&cd3=1615128201.1660278404&z=679304805
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:26:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 0EDE 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=n5dcig4rfe6c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 15:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 15:43:59 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 0EDE 		388 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=normal&cb=n5dcig4rfe6c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81a492d71281f1962a6a6c3c08ea3705d11a20004c5b2d7bac2dbc642a978ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158318
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:57:33 GMT
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-P39TDMK54G&gtm=2oe880&_p=1688314589&cid=1615128201.1660278404&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660278403&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fmercyhealth.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P39TDMK54G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:26:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2065MFPQH5&gtm=2oe880&_p=1688314589&cid=1615128201.1660278404&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660278403&sct=1&seg=0&dl=https%3A%2F%2Fapp.user.com%2Faccounts%2Flogin%2F%3Fnext%3Dhttps%253A%2F%2Fmercyhealth.user.com%2F&dt=User.com%20%7C%20Login%20-%20User.com&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2065MFPQH5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:26:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 144E 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 11 Aug 2022 15:43:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Aug 2023 15:43:59 GMT
recaptcha__fr.js
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 144E 		388 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81a492d71281f1962a6a6c3c08ea3705d11a20004c5b2d7bac2dbc642a978ea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 16:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
300550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158318
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 04:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 16:57:33 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-100960632-1&cid=1615128201.1660278404&jid=1628231875&gjid=790663253&_gid=1782285099.1660278404&_u=aGBACEAARAAAAC~&z=1524683305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 12 Aug 2022 04:26:43 GMT
content-type
text/plain
access-control-allow-origin
https://app.user.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-100960632-1&cid=1615128201.1660278404&jid=1628231875&_u=aGBACEAARAAAAC~&z=1091818857
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:26:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-100960632-1&cid=1615128201.1660278404&jid=1628231875&_u=aGBACEAARAAAAC~&z=1091818857
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Aug 2022 04:26:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
support.user.com/api/webpush/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/webpush/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://app.user.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://app.user.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
739674591de576f3-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 12 Aug 2022 04:26:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
ue-backend
tenants
ue-node
apinode3
vary
Origin
/
support.user.com/api/webpush/ 		1 KB
879 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://support.user.com/api/webpush/
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ab247afd9eec35ab1a0446618acf3d5a3037a970beb8a058ef0d4ca76993b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ue-backend
tenants
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
same-origin
allow
POST, OPTIONS
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Cookie, Origin
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
ue-node
apinode4
cf-ray
739674597c36719c-LHR
widget-chatStore.645b1105a7f8bc1ef2dc.js
widget.user.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-chatStore.645b1105a7f8bc1ef2dc.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
age
6141
etag
W/"62e22a17-30cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget2
cf-ray
739674591be3719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
widget-launcherModule.645b1105a7f8bc1ef2dc.js
widget.user.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-launcherModule.645b1105a7f8bc1ef2dc.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2af537294c3ddffa162a4f51df4e7d0eeee399989b870491b4081def270625

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
age
6742
etag
W/"62e22a17-3137"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
739674591be6719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
qoDE96B9evRkqdCyBBqEGlns5YYX3prB.jpg
media.user.com/avatars/ Frame D987 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/avatars/qoDE96B9evRkqdCyBBqEGlns5YYX3prB.jpg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01f7cda9edcbe812a1915f0adb29c513f076c1030ef9d9ed2d5c4ccb16cd3d2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
2CZDMDMTGW2G95R2
cf-polished
origSize=3548, status=webp_bigger
cf-ray
739674597afd76ba-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3282
x-amz-id-2
PaEo/MG1mObNoPxmjMOx/fZcXTj4eCDOy9rYQNqROHA3pZtJJh7mBboONq6kyiLusQVx2cb8UBw=
last-modified
Wed, 17 Nov 2021 04:25:33 GMT
server
cloudflare
etag
"6251d27cdc4cfb8cda96e1fcdf6582b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
imgq:100,h2pri
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 144E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:59:48 GMT
x-content-type-options
nosniff
age
206816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 16 Aug 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 144E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:06:41 GMT
x-content-type-options
nosniff
age
213603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 09 Aug 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 144E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 22:21:19 GMT
x-content-type-options
nosniff
age
281125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 22:21:19 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 144E 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3e011418413db38eeb6bdaef5c8a550acf2ac45769e9d84b102eb360bbcf1840
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 12 Aug 2022 04:26:44 GMT
widget-webpushModule.645b1105a7f8bc1ef2dc.js
widget.user.com/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.user.com/widget-webpushModule.645b1105a7f8bc1ef2dc.js
Requested by
Host: support.user.com
URL: https://support.user.com/widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Jul 2022 06:17:59 GMT
server
cloudflare
age
1238
etag
W/"62e22a17-3550"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
ue-backend
widget
ue-node
widget1
cf-ray
7396745a7d16719c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reload
www.google.com/recaptcha/api2/ Frame 144E 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__fr.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3f31e6832cb574bde1096faf818aa1c3ea3f7999fcd0f732698e7a0c545e88f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LckpJAUAAAAAFx3Ywv8kTCIusy2spXnPN27HYFE&co=aHR0cHM6Ly9hcHAudXNlci5jb206NDQz&hl=fr&v=gWN_U6xTIPevg0vuq7g1hct0&size=invisible&cb=vuzk2u7fwdcc
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18406
x-xss-protection
1; mode=block
expires
Fri, 12 Aug 2022 04:26:44 GMT
xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.png
media.user.com/avatars/ Frame D987 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/avatars/xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.png
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15e32f1bc2eabf6fd4debc83efb6f541f88cc06bc337369887f652f2e55750a5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
DEY7P8RD33S21JAP
cf-polished
origFmt=png, origSize=17708
cf-ray
7396745aad51719c-LHR
content-disposition
inline; filename="xsUbgaj0NFXqsoNYaYXoSwGdAs11AO60.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10664
x-amz-id-2
kD1hBT4nEK60wSdmWgGkziFjNwhlr61w6caLcDp9UnOgqa6czoUguOPMOxdzWR6jjuA/j+sRjS+a1enq5G8W1g==
last-modified
Wed, 17 Nov 2021 05:19:13 GMT
server
cloudflare
etag
"de9577ada5c4f0271442f3e2662812f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-version-id
null
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
user-logo-square-1.jpg
media.user.com/uploads/1t1nnm-userengage-support/
Redirect Chain
  • https://eu.user.com/media/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
  • https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
Requested by
Host: app.user.com
URL: https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
Protocol
H3
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6edfd25429478d698a018807461c27cf992cd8399343c6382b826f0a5d19663c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:44 GMT
cf-cache-status
HIT
age
2444
cf-polished
origFmt=jpeg, origSize=9717
cf-ray
7396745b2dcc719c-LHR
content-disposition
inline; filename="user-logo-square-1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2880
x-amz-id-2
l2cYHKh/zA5ODjmqhJ7J7a+SW7wjy7v5tiNHtf2GabIq+o2WJZFXCzwTsypIqzQs+NnuBKvTeWA=
last-modified
Thu, 18 Nov 2021 07:50:38 GMT
server
cloudflare
etag
"559614145db411818f6ddab01cabcfb3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
W3ZHTDMBTEMQYJX9
x-amz-version-id
null
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri

Redirect headers

location
https://media.user.com/uploads/1t1nnm-userengage-support/user-logo-square-1.jpg
content-length
0
/
product-data.user.com/e/ 		13 B
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://product-data.user.com/e/?ip=1&_=1660278405296&ver=1.23.0
Requested by
Host: product-data.user.com
URL: https://product-data.user.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.182.134.226 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:26:45 GMT
referrer-policy
same-origin
server
Caddy, gunicorn
access-control-allow-headers
X-Requested-With
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
vary
Cookie
content-length
13
x-content-type-options
nosniff
/
product-data.user.com/decide/ 		193 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://product-data.user.com/decide/?v=2&ip=1&_=1660278405297&ver=1.23.0
Requested by
Host: product-data.user.com
URL: https://product-data.user.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.182.134.226 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Caddy, gunicorn /
Resource Hash
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 12 Aug 2022 04:26:45 GMT
referrer-policy
same-origin
server
Caddy, gunicorn
access-control-allow-headers
X-Requested-With
x-frame-options
DENY
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://app.user.com
access-control-allow-credentials
true
vary
Cookie
content-length
193
x-content-type-options
nosniff
rum
app.user.com/cdn-cgi/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.user.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.user.com/accounts/login/?next=https%3A//mercyhealth.user.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
application/json

Response headers

date
Fri, 12 Aug 2022 04:26:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://app.user.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
739674613d61719c-LHR
vary
Origin
ff4d00-0-0.png
media.user.com/old-media/uploads/6238/
Redirect Chain
  • https://app.userengage.com/media/uploads/6238/ff4d00-0-0.png
  • https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
34 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
Protocol
H3
Server
2606:4700:10::6816:225c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 04:26:45 GMT
cf-cache-status
HIT
age
6963
cf-polished
origFmt=png, origSize=95
cf-ray
73967464a929719c-LHR
content-disposition
inline; filename="ff4d00-0-0.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34
x-amz-id-2
jlu8M7/SqG4QMsr+O+rg3FwpcQNIqNCqoRTHDsK0qUcRbWMgptiYEOnUfQebX4KK6hBtqYVozJA=
last-modified
Fri, 03 Dec 2021 10:43:20 GMT
server
cloudflare
etag
"9591c410148e6883727c5339fd1c02cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
MG5071J1X0R7WD2P
x-amz-version-id
null
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri

Redirect headers

date
Fri, 12 Aug 2022 04:26:45 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
267
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FBH3DMxLFiD2WEXFjSNI%2Bc%2BlZxxEQDzw%2FwSQElX0oMcRLLIJiluycQo591COoMNHQkMCRZhSiGZVrubx5InRTdUc6xC7zzcmzBCM8i5sgXNYBmGTKcSj37778XS%2FSwTp%2BObCtKFEmjv00kr68VJZg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://media.user.com/old-media/uploads/6238/ff4d00-0-0.png
cf-ray
739674647efdb88b-AMS
content-length
0

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format string| WSS_NOTIFIER object| civchat object| webpackChunkusercom_widget object| regeneratorRuntime function| parcelRequire object| UE function| userengage object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| setImmediate function| clearImmediate object| ue object| WS object| google_tag_manager object| google_tag_data object| __cfBeacon string| GoogleAnalyticsObject function| ga object| posthog object| recaptcha object| closure_lm_333222 object| UsercomInstance object| gaplugins object| google_optimize object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

12 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AMjm62XBSRXkies3oS5P5hVOlk1SRC7DhyGQwFuLCOB3HIR1_4syskdOuFnTQGmUumocXiXIPuzqIy1fmEqMudQ
app.user.com/ Name: csrftoken
Value: 9lSTAlxA6R66kiEDkud8D8nQMt8THwso4jwLsp3tQH50Ks4D0ZDumlvMxr7UFoP9
app.user.com/ Name: sessionid
Value: 6kinpg15dbm0fyluva6uay29smr7snc6
.user.com/ Name: _gcl_au
Value: 1.1.1785220024.1660278404
.user.com/ Name: _gid
Value: GA1.2.1782285099.1660278404
.user.com/ Name: _gat_UA-100960632-1
Value: 1
.user.com/ Name: _ga_P39TDMK54G
Value: GS1.1.1660278403.1.0.1660278403.0
.user.com/ Name: _ga
Value: GA1.1.1615128201.1660278404
.user.com/ Name: _ga_2065MFPQH5
Value: GS1.1.1660278403.1.0.1660278403.0
.user.com/ Name: _ueuuid
Value: M39olLkyednjLu0n
.user.com/ Name: __ca__chat
Value: d2ib3t9alq3u
.user.com/ Name: ph_phc_exKluOWwUdfAmO5le0yGPzGwlwNty7WlI3zd7sfwF4E_posthog
Value: %7B%22distinct_id%22%3A%22182904df8a4322-04836194539b62-1e303679-1d4c00-182904df8a57b0%22%2C%22%24device_id%22%3A%22182904df8a4322-04836194539b62-1e303679-1d4c00-182904df8a57b0%22%2C%22%24initial_referrer%22%3A%22%24direct%22%2C%22%24initial_referring_domain%22%3A%22%24direct%22%2C%22%24referrer%22%3A%22%24direct%22%2C%22%24referring_domain%22%3A%22%24direct%22%2C%22%24sesid%22%3A%5B1660278405289%2C%22182904df8aabb6-0d7d85f274edbc-1e303679-1d4c00-182904df8ab313%22%5D%2C%22%24session_recording_enabled_server_side%22%3Afalse%2C%22%24active_feature_flags%22%3A%5B%5D%2C%22%24enabled_feature_flags%22%3A%7B%7D%7D

2 Console Messages

Source Level URL
Text
network error URL: https://register-static.user.com/static/bundles/register.4f88bf4f0a93bc741025.js(Line 83)
Message:
WebSocket connection to 'wss://app.user.com/ws/notifier/' failed: Error during WebSocket handshake: Unexpected response code: 404
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.user.com
app.userengage.com
eu.user.com
fonts.gstatic.com
media.user.com
mercyhealth.user.com
product-data.user.com
region1.google-analytics.com
register-static.user.com
static.cloudflareinsights.com
stats.g.doubleclick.net
support.user.com
widget.user.com
www.google-analytics.com
www.google.com
www.google.fr
www.googletagmanager.com
www.gstatic.com
147.182.134.226
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:10::6816:225c
2606:4700:10::ac43:2592
2606:4700:20::681a:164
2606:4700:440e::ac40:9c1a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c1b::9d
51.77.134.129
51.91.31.155
087ad01ffaf62e7b8ecee1bd1e1ea770399c8fc82900d1e7db134e5baf825c0f
15e32f1bc2eabf6fd4debc83efb6f541f88cc06bc337369887f652f2e55750a5
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e35df5e7c8a2e6f0357278194d9533c06f7323175ef633652b54d60ae6c6eef
1e4aa9eab420dd9f28647bef57982803dbdfa120e8fbf16af42d15e3270ae62d
1ef629211f79c3de01794cf294dd988b6ab7bf7a8c7c3d58e3f24440038531b2
2492bb3ef4ff96c91eecb6b3568ce9f74f8ad12c730d09f23f77f902945e5337
2c3553c7bddf746656e8574a8d6ba438f07d619856fb542fe94d6ba4ea2763f0
2e2af537294c3ddffa162a4f51df4e7d0eeee399989b870491b4081def270625
2ed8836c5167039e3cdbdb1c9b58bf850f7d65d603fb66d07b1da672d51aa943
3e011418413db38eeb6bdaef5c8a550acf2ac45769e9d84b102eb360bbcf1840
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f31e6832cb574bde1096faf818aa1c3ea3f7999fcd0f732698e7a0c545e88f0
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
50f24e413a49131fa1f247c1ec68adaa5833314cd73c903967e09a6dc3025823
5323b169dbd28eb5b59d68445117d5d12c0151f2d5328f66862493c81d24e26d
533036bd37d4d87bd4e3cad3010f2a29d00f24ffc34bb5b22598951c44d91452
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6edfd25429478d698a018807461c27cf992cd8399343c6382b826f0a5d19663c
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
81a492d71281f1962a6a6c3c08ea3705d11a20004c5b2d7bac2dbc642a978ea7
8411a0b4a891adf60b734d191018636467a06c3908bb90964780760971733b2e
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
871d88010fb8d6126b515213d888291bb42774e0443cd11be073e02ec4c8ca18
8ee1603459a9e104bfd5ae028d04e9e73340658d51919da9164ccfbcba33a346
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
9c729f4f5cd5a1d6390889b5776f253040a5b7d6dc06eb3842d781e039c90779
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a9238af1802efa3046b3797ceea558ad14ce91d0ea14f81d85827458747f7fce
b01f7cda9edcbe812a1915f0adb29c513f076c1030ef9d9ed2d5c4ccb16cd3d2
b1fd38fc3eedf82b1a61a1225d6469833f5a2775db377bf69d8b77e47e8c7250
b52d559484cf526bb0a5ac6fb1514049fafc8192a82064cdb81f861dc9d84792
b882d62cb9b21e8457687e877d626d57c4731dfc1071438bd3885c0a626f7bed
bffad81246e13f89b8aff1aa4415ff0cd6d7ec01aec2a19e740a48e64fd5cf1b
c72942c566e907d892ed337f47c5a8c5c737aeb6242a16a79fb3ee3fe481ee11
d026c377dae351eeb868de58af2e64ebf22c483dbc4121ee663ba5a04d5185a4
d60629b9848150dc9d917e2cae6b6d566c597bfad4368b8b7b51fe86fea35471
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ab247afd9eec35ab1a0446618acf3d5a3037a970beb8a058ef0d4ca76993b9
ea91d623857ed722c7a8acb7d3d1427995c7aff27fb8f1eac3554a2965ec1c91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fe004359b238bd1670cc1f8939ce08dea0aa91b3fb1a424d0e5c4dc63f4552ad