forms.nexhealth.com Open in urlscan Pro
2606:4700:4400::ac40:90d6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/ED_5CyPOvkH6xX9vPTZ9JfZ?domain=url247.campaigns.nexhealth.com
Effective URL:
https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
Submission: On February 13 via manual (February 13th 2024, 1:06:03 pm UTC) from US — Scanned from US

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 16 HTTP transactions. The main IP is 2606:4700:4400::ac40:90d6, located in United States and belongs to CLOUDFLARENET, US. The main domain is forms.nexhealth.com. The Cisco Umbrella rank of the primary domain is 537859.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 8th 2024. Valid for: a year.

This is the only time forms.nexhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.117 205.139.111.117	() ()
2 13	2606:4700:440... 2606:4700:4400::ac40:90d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
16	5

2 205.139.111.117 (United States) 2 redirects

ASN- ()
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:4400::ac40:90d6 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

url247.campaigns.nexhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.nexhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nexhealth.com 2 redirects url247.campaigns.nexhealth.com — Cisco Umbrella Rank: 386046 forms.nexhealth.com — Cisco Umbrella Rank: 537859	1 MB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 9797	3 KB
1	mxpnl.com cdn4.mxpnl.com — Cisco Umbrella Rank: 12029	19 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4727	16 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	39 KB
16	6

	Domain	Requested by
12	forms.nexhealth.com	1 redirects forms.nexhealth.com
2	fonts.googleapis.com	forms.nexhealth.com
2	protect-us.mimecast.com	2 redirects
1	cdn4.mxpnl.com	forms.nexhealth.com
1	browser.sentry-cdn.com	forms.nexhealth.com
1	cdn.jsdelivr.net	forms.nexhealth.com
1	url247.campaigns.nexhealth.com	1 redirects
16	7

This site contains no links.

Subject Issuer	Validity	Valid
nexhealth.com Cloudflare Inc ECC CA-3	`2024-02-08` - `2024-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
Frame ID: 6C2C8703F5FCAC19537FBB24BE44069C
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Forms For Robert Todd | NexHealth

Page URL History Show full URLs

https://protect-us.mimecast.com/s/ED_5CyPOvkH6xX9vPTZ9JfZ?domain=url247.campaigns.nexhealth.com HTTP 307
https://protect-us.mimecast.com/r/9g1XEzY1sqLmRowMp8FuLuEvj2hM8TNWMF1eZDqiwkDvsjFBlBdTIu8PA8qaiaeaXK0wV-AFUe... HTTP 307
https://url247.campaigns.nexhealth.com/ls/click?upn=Vqb-2BZMSBspPw04EVQTmx7CbXffFQRuMmwETkrQV6lfAJ6uSnWAIIox5J4OZC7... HTTP 302
https://forms.nexhealth.com/s/82uhmoyZVV/ HTTP 302
https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1291 kB
Transfer

5693 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/ED_5CyPOvkH6xX9vPTZ9JfZ?domain=url247.campaigns.nexhealth.com HTTP 307
https://protect-us.mimecast.com/r/9g1XEzY1sqLmRowMp8FuLuEvj2hM8TNWMF1eZDqiwkDvsjFBlBdTIu8PA8qaiaeaXK0wV-AFUe0KH6JGIUS8xHy9d11y9lii_m_SLTmeCTrZ879o6U757unOJQuE3SHf6jnyYwKwVxebrS5FPy0Mc1I-7HN8B2Xp8KunrgrPJWjpcLcEgaSk2EHeAyUX1cufYca1UZGX9hg9VA5mkvFfcKiqzziSCGcZY8VaEWZZl081L1vTHJg9FywkGaaI2UEu9LThpKHIMacOBlXSKeZnHVxC4TfoVIqXpc-38Rvb5-o7SN7bV5nNzkGxz0H0hPL84DEoxlT4CY6NFkyjaG-iHEPM8bcwAndgJbYEnEuUCcBQLRjlyXjE2EVcSzd3fNFCSPU8hDs-vzs7EGNwYBhg5DBdxIa3ZPAU95Se8Bxcpkay51B7Je-a2ej6zrpYHrNQDfDN9PjLP2tdSwd4eWBVomq0fV9_52eqf7NYmsSBJHCW1c8l54A_s5TGulQ2JbS6EqDclvFPLheAMmS3Jk49f6230RVq7t0zi_G5fGBzRGX2HDfh6G7afJnnRIGQmm8mlsHlueyRwhgw92YAjLSBzyw7-3qNFKGw8Fz28iDmbztsyiHH7vQyH3tWke-suI0i-ZyVMqS5Dz8_hPl-IR4Z8oGAQ9DhQ9zn6QCT8ZSOaVoeXc9Jh0f0cg7krC-d5sAI0m9_4UtA8GyPRSRnXJ7kh2hMXpEewpxoQFbQ4cRbxSOgC6fmcZXFPXJi-bMrlY7UYZTah7qvAEmX4YwcumsMYphBAz-T6tUM5f8kwpUNCGIvnR0EaF_kU7N3r-d2xLFHu6sjeo_p-KG0FTE4l5Sa6YGZWHqrQfpLuBe7E4eHSMAbGqtE-_hAodG16-5Xm2zi3Ruy0VHFesNlQRPx6XJsN-aBXSHoQXGBFq5CYDUUmbm4aLFPnn3HH9TmkK7h-zTcXCqOzP_BaG7j3TNZhiN2RBrlMh6CSJ6SRqX0n-OWZo5Gnu_wmXK2cJ8_sm7kuB3V6XHlHeor26B5djhI5VkYEOURl0U7JLdzpcBHwyjWGN5NKxt3ASO09kx0x5izSamBYvbCWNoVK70fcJrnC92uLY-wdY6zKrxJB13I4z40n5X9cQmYAxzSD76a3BGCQQC_zWwRSc6ZyvR4Vyo1q33yUhe69xuxvOQHc2YVr48TwoAQKTyb3P0Sw8CEpulUMetWZE_PEMF6SxQFD9eZTPVwuvyFacnEyGVPxinRDVQkoHSI0jbSx4HpTu3qsp-QjaEz_vOPoe-wzfzkr3WoL1QndMF4KNtCoZUCumg6YxWl-o2EigGKt0mTACzVCEPQUh8oC_myNPQToNNm0dVaIJuHRVlot5RP9JSbxLOp-ozmNqY9xbQf2MFvSQTCOdQEs8EaM1MZhwghUmWOEiEscG4T-hrm2DebnqLloY1JpBKB2uSsbaDDHzcfQfHPEC11dJtNtzodyi4XMEPEqXgGuv4-RU92Kc0ssbPj-8CWYqym6fLqex3Ff03N_f_a5I7zws3zJ2JFPf5inFcEov2mQOaIytUe-F6Q2ISWle7Y_gaGlKLhnD6X3zT6ZVPSXEZSi6XKJpHC-UnUkWAVxz3csMWOPdRCfczZw2Y0I47f7cHNG41JHfZwOXhXgkbWluX4uAmIr59sYLUavsUn2hsGCCGDpaqiGucJXsAiprnvXRWmy_y5UQPQnOdwsBCbW4-kShPeH5i0NWqr06zQIcia3ORJS5_lqa4mcM1J8ndcpp2XZBxzIT7EGKV3Jm7bnz_z10JntPP0MVbwXFy_gV-WduPqLZpB51MVUuseJqU_eWxYxqi7i9skvJvYIipxWPdVj6tCmn578_QxnzsdLN7RJkC6OP0A5SOGbwzoYuCOyQTNWRXW1eI5mNl5uSC5dM9bwUnVfZQO0bQNxj7MqOdf7JBk4QjICfyKZAj7sBcGyAfKXJHsz6-GtMUHu3YZcqT0AimAMeOoVOMz4-ogmO7aRrlKWMq2GCWecmdhWtuX6iivSo50KokIsKDmEZyGktxHDBKqkyOMRUH2JkMMlHktXnGPFq1Axa1Uu-EhZxwX_FsmyyDfcLQkrUga0Y908Tp4wSadW2O4Is73p46I-lt1uQHyBlNOxiyMvyZ8_r7AsTPDvfmZu0zTI6D9hdVkk_2JN3pIb7SR2bSZiCTvLKfBLH2Idt5T8CkBfVlrqa1FRg3j_AgP3hFpoVSgWgT17cVAbmp8KtiQECpqcA7LtijDmD3t_ayBUQ8J7T5POCg2Vpvloeo5-wrGsL-HSWWC5KHTvRpni37-Q7u9hRMGCuXdKZrZMDC_EiVIh3Dah1C-PI-cY7vkJxRnZEtT8RJycEASzWZXatDXRp02Q8b1kqWLnMHxvfKlWwtz4K43Y6DVPUBCFIHJgoMcM69yl4vhAqkc_7xQ1N5GMnd8pnmrZ0uB-OzD8FmZfY6n_48B6xjplF0IQvJ2z4USQs-uJDeoj8J5tjPi HTTP 307
https://url247.campaigns.nexhealth.com/ls/click?upn=Vqb-2BZMSBspPw04EVQTmx7CbXffFQRuMmwETkrQV6lfAJ6uSnWAIIox5J4OZC7aYMt-2Bss9DWyjGAwkZg6o0jabA-3D-3Dj0M3_62i4ZQidJAut2vx9TYnJ84yVq-2ByeCG756hwZdoL9IiSQdUHpRIKgJI8XqIS2GrtSazYzmRVe-2BhsGMncAvldQlclYKl-2B1dt8C67LLzjxf8Wm3gOeLDSjXHe-2Fuc9Mc10yx5aUB6t-2BuYq45le-2Fw8qTDe47jLbwS-2F4DuSzvaOEnWB84jVEYzwO0HkoWy005dEj5-2B9adfmrFKWEKwe51lobP5l8a-2FS-2FQp8tTK8GhS5mbyJZvSEcnkAWee-2FjyD-2F-2FcypwKHXWj1YKa85pzB4A-2FoFIa3zjjIuwR0H8UsRZRiq3NDm4-2BD1J8LFhWsYgHKglmLopq5FKfRheS-2BhY46VHmc-2FotFZv-2F1k0fSxxvaR7tvN-2FeyfiU-3D HTTP 302
https://forms.nexhealth.com/s/82uhmoyZVV/ HTTP 302
https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
Redirect Chain

https://protect-us.mimecast.com/s/ED_5CyPOvkH6xX9vPTZ9JfZ?domain=url247.campaigns.nexhealth.com
https://protect-us.mimecast.com/r/9g1XEzY1sqLmRowMp8FuLuEvj2hM8TNWMF1eZDqiwkDvsjFBlBdTIu8PA8qaiaeaXK0wV-AFUe0KH6JGIUS8xHy9d11y9lii_m_SLTmeCTrZ879o6U757unOJQuE3SHf6jnyYwKwVxebrS5FPy0Mc1I-7HN8B2Xp8Ku...
https://url247.campaigns.nexhealth.com/ls/click?upn=Vqb-2BZMSBspPw04EVQTmx7CbXffFQRuMmwETkrQV6lfAJ6uSnWAIIox5J4OZC7aYMt-2Bss9DWyjGAwkZg6o0jabA-3D-3Dj0M3_62i4ZQidJAut2vx9TYnJ84yVq-2ByeCG756hwZdoL9Ii...
https://forms.nexhealth.com/s/82uhmoyZVV/
https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

6 KB
2 KB

343ms
342ms

Document
text/html

2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e3080e35177a3bb776dec53f04eb7249c1df1f1b419df53684b8e4499b649f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 854d493489f84bd2-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 13:05:58 GMT
server: cloudflare
strict-transport-security: max-age=16070400
vary: Origin, Cookie, Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: DENY
x-runtime: 0.26418066024780273
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 854d4933999a4bd2-BUF
content-type: text/html; charset=utf-8
date: Tue, 13 Feb 2024 13:05:58 GMT
location: /requests/session/f65c9342d921485f92184b6625cf66cc/
server: cloudflare
strict-transport-security: max-age=16070400
vary: Origin, Cookie
x-content-type-options: nosniff nosniff
x-frame-options: DENY
x-runtime: 0.03353261947631836
x-xss-protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 106ms
40ms Stylesheet
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:49:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:05:59 GMT

GET
H3 200 formio.full.min.ab2492db7953.css
forms.nexhealth.com/static/css/ 77 KB
17 KB 63ms
58ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/formio.full.min.ab2492db7953.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73609ca6b00ee4959723618c9d4c8390ddfce9ae076cdb873baac35e78d7bcc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=79046
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2265298
cf-ray: 854d49381ea36aee-BUF
expires: Sun, 10 Mar 2024 18:20:57 GMT

GET
H3 200 modern-ui.5eb15ac9ea11.css
forms.nexhealth.com/static/css/ 11 KB
2 KB 93ms
87ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/modern-ui.5eb15ac9ea11.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07dc98d537dabb594a20fea82bf86d30c5de67244b064194b263d06c035fdc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=13091
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2265298
cf-ray: 854d49381ea56aee-BUF
expires: Sun, 10 Mar 2024 18:20:57 GMT

GET
H3 200 main.min.a95038ef68ea.css
forms.nexhealth.com/static/css/ 1 MB
184 KB 94ms
89ms Stylesheet
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/main.min.a95038ef68ea.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9291a874d7f50a826db15326807611106c50233c3aaf64772074d3ee79e70dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1154022
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2268317
cf-ray: 854d49381ea66aee-BUF
expires: Sun, 10 Mar 2024 19:11:16 GMT

GET
H2 200 bluebird.js Show response
cdn.jsdelivr.net/npm/bluebird@3.7.2/js/browser/ 179 KB
39 KB 93ms
29ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bluebird@3.7.2/js/browser/bluebird.js

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2584e7871b3d869fcba965cf8f1f30e962d60019931a0b88cc474fd99f80822f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 13 Feb 2024 13:05:59 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3072529
x-jsd-version: 3.7.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39509
x-served-by: cache-fra-eddf8230021-FRA, cache-nyc-kteb1890022-NYC
x-jsd-version-type: version
etag: W/"2cc5e-6JEnJ/XQrpoVIRuanc4Qj9RDyBU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.7.1/ 50 KB
16 KB 99ms
28ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.7.1/bundle.min.js

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

24e4877ca33576796f28eb3d787740cf52079aa02d95506db9bb60c5a4339545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://forms.nexhealth.com/
Origin: https://forms.nexhealth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Tue, 15 Oct 2019 10:21:31 GMT
server: Fastly
age: 16242748
etag: "6fa70d51e7fefe0bbbc21c95dd967761"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15874
expires: Thu, 08 Aug 2024 13:13:32 GMT

GET
H3 200 main.min.f5c482b1bdb4.js Show response
forms.nexhealth.com/static/js/ 154 KB
55 KB 172ms
171ms Script
application/javascript 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa95b60f90565e83c449edc3df828cb63c5926f865224d713389d18cdd747412

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=158250
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2265298
cf-ray: 854d49381ea76aee-BUF
expires: Sun, 10 Mar 2024 18:20:57 GMT

GET
H3 200 client.min.66d7addbf08a.js Show response
forms.nexhealth.com/static/js/ 3 MB
680 KB 174ms
173ms Script
application/javascript 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/js/client.min.66d7addbf08a.js

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7313044b32e4e391dcd0d70cba368ca8ac5d257f8682887505339768542ba535

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=2778323
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2265672
cf-ray: 854d49381ea86aee-BUF
expires: Sun, 10 Mar 2024 18:27:11 GMT

GET
H3 200 client_scripts.min.54d6b4c05cc2.js Show response
forms.nexhealth.com/static/js/ 52 KB
16 KB 237ms
236ms Script
application/javascript 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/js/client_scripts.min.54d6b4c05cc2.js

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef6a67d12ab41979ac903eae7dcb5820225aa8f2d75b2716375718fb884c9333

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=53810
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2265026
cf-ray: 854d49381ea96aee-BUF
expires: Sun, 10 Mar 2024 18:16:25 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 54 KB
19 KB 309ms
25ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 12:58:11 GMT
content-encoding: gzip
age: 468
x-guploader-uploadid: ABPtcPqYGQ8bd1lRVa1Dro36hjpzLFQzajcKZEIOE-dJWsybE1pykBEl2k9Qy_gHy-G9JDRi7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18490
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
server: UploadServer
etag: "eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-generation: 1707178176338436
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18490
accept-ranges: bytes
expires: Tue, 13 Feb 2024 13:08:11 GMT

GET
H3 200 fontawesome-webfont.97493d3f11c0.woff2
forms.nexhealth.com/static/fonts/ 55 KB
56 KB 56ms
55ms Font
font/woff2 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/fonts/fontawesome-webfont.97493d3f11c0.woff2

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/static/css/main.min.a95038ef68ea.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forms.nexhealth.com/static/css/main.min.a95038ef68ea.css
Origin: https://forms.nexhealth.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2266723
cf-ray: 854d49398eff6aee-BUF
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Sun, 10 Mar 2024 18:44:42 GMT

GET
H3 200 css2 Show response
fonts.googleapis.com/ 12 KB
787 B 92ms
40ms XHR
text/css 2607:f8b0:4006:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Feb 2024 13:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 12:33:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Feb 2024 13:05:59 GMT

GET
H3 200 formio.full.min.ab2492db7953.css Show response
forms.nexhealth.com/static/css/ 77 KB
17 KB 41ms
40ms XHR
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/formio.full.min.ab2492db7953.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a615589877446a5af651f734debb5bbb6a8aeaeb1f8b34ec7957fa4d24e6be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=79046
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:56 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2265298
cf-ray: 854d4939cf1e6aee-BUF
expires: Sun, 10 Mar 2024 18:20:57 GMT

GET
H3 200 modern-ui.5eb15ac9ea11.css Show response
forms.nexhealth.com/static/css/ 11 KB
2 KB 42ms
41ms XHR
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/modern-ui.5eb15ac9ea11.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e07dc98d537dabb594a20fea82bf86d30c5de67244b064194b263d06c035fdc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=13091
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2265298
cf-ray: 854d4939cf1f6aee-BUF
expires: Sun, 10 Mar 2024 18:20:57 GMT

GET
H3 200 main.min.a95038ef68ea.css Show response
forms.nexhealth.com/static/css/ 1 MB
184 KB 48ms
47ms XHR
text/css 2606:4700:4400::ac40:90d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.nexhealth.com/static/css/main.min.a95038ef68ea.css

Requested by

Host: forms.nexhealth.com
URL: https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::ac40:90d6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9291a874d7f50a826db15326807611106c50233c3aaf64772074d3ee79e70dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://forms.nexhealth.com/requests/session/f65c9342d921485f92184b6625cf66cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:05:59 GMT
strict-transport-security: max-age=16070400
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=1154022
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Fri, 09 Feb 2024 18:03:57 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2268317
cf-ray: 854d4939cf206aee-BUF
expires: Sun, 10 Mar 2024 19:11:16 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nexhealth.com/	1970-01-20 18:23:51	Name: __cf_bm Value: Ia9NbESF3fmxgjZzTCDCgZ4ZzrF.FYCAifompr7fpl0-1707829558-1-AbwBPLnzlVXAurq5IrtQ7T4R2SsRnobZII8378bmmgkvEdOMmxJekRBNuvfWPw5IWIYS4MNvuwWNppBkUuVSdkE=
forms.nexhealth.com/	1969-12-31 23:59:59	Name: sessionid Value: p8h37hnlwjg68d2z4hp36p2wwh8vrx8d
.nexhealth.com/	1970-01-21 03:09:25	Name: mp_81535a48719c85c24be4183110aa7d45_mixpanel Value: %7B%22distinct_id%22%3A%2036893%2C%22%24device_id%22%3A%20%2218da293019d2a35-0583bc4aa653e9-603a5652-1d4c00-18da293019d2a35%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%2036893%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://forms.nexhealth.com/static/js/main.min.f5c482b1bdb4.js(Line 1) Message: The keyword 'slider-vertical' specified to an 'appearance' property is not standardized. It will be removed in the future and replaced by vertical writing-mode (currently experimental).

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
cdn.jsdelivr.net
cdn4.mxpnl.com
fonts.googleapis.com
forms.nexhealth.com
protect-us.mimecast.com
url247.campaigns.nexhealth.com
205.139.111.117
2606:4700:4400::ac40:90d6
2607:f8b0:4006:80a::200a
2a04:4e42:600::485
2a04:4e42::729
35.186.235.23
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca
24e4877ca33576796f28eb3d787740cf52079aa02d95506db9bb60c5a4339545
2584e7871b3d869fcba965cf8f1f30e962d60019931a0b88cc474fd99f80822f
3a615589877446a5af651f734debb5bbb6a8aeaeb1f8b34ec7957fa4d24e6be1
7313044b32e4e391dcd0d70cba368ca8ac5d257f8682887505339768542ba535
73609ca6b00ee4959723618c9d4c8390ddfce9ae076cdb873baac35e78d7bcc9
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
9291a874d7f50a826db15326807611106c50233c3aaf64772074d3ee79e70dcf
9e3080e35177a3bb776dec53f04eb7249c1df1f1b419df53684b8e4499b649f5
aa95b60f90565e83c449edc3df828cb63c5926f865224d713389d18cdd747412
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
e07dc98d537dabb594a20fea82bf86d30c5de67244b064194b263d06c035fdc2
ef6a67d12ab41979ac903eae7dcb5820225aa8f2d75b2716375718fb884c9333

forms.nexhealth.com Open in urlscan Pro 2606:4700:4400::ac40:90d6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

67 %IPv6

6 Domains

7 Subdomains

5 IPs

1 Countries

1291 kBTransfer

5693 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

forms.nexhealth.com Open in urlscan Pro
2606:4700:4400::ac40:90d6 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

5
IPs

1
Countries

1291 kB
Transfer

5693 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions