ereferral.apps.healius.com.au Open in urlscan Pro
172.64.153.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral
Submission: On May 15 via manual (May 15th 2024, 3:59:08 am UTC) from AU — Scanned from AU

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 11 HTTP transactions. The main IP is 172.64.153.27, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is ereferral.apps.healius.com.au.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 29th 2024. Valid for: 10 months.

This is the only time ereferral.apps.healius.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	172.64.153.27 172.64.153.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.71.74 142.250.71.74	15169 (GOOGLE) (GOOGLE)
2	142.250.71.67 142.250.71.67	15169 (GOOGLE) (GOOGLE)
11	4

7 172.64.153.27 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

ereferral.apps.healius.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web-assets.apps.healius.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.74 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.71.67 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	healius.com.au ereferral.apps.healius.com.au web-assets.apps.healius.com.au	80 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
11	3

	Domain	Requested by
5	web-assets.apps.healius.com.au	ereferral.apps.healius.com.au
2	fonts.gstatic.com	fonts.googleapis.com
2	ereferral.apps.healius.com.au
1	fonts.googleapis.com	ereferral.apps.healius.com.au
11	4

This site contains no links.

Subject Issuer	Validity	Valid
ereferral.apps.healius.com.au Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh
web-assets.apps.healius.com.au Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral
Frame ID: F0C2D25FB804958AF8D78B39125A4B10
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Healius eReferral

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

113 kB
Transfer

592 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 500 Primary Request referral Show response
ereferral.apps.healius.com.au/WDP/ref/YPU9QT/ 3 KB
3 KB 83ms
44ms Document
text/html 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c5b40f01e62f309ba682f138864f647b1df92b1719cefc726b8dae58d9123f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8840368a3a165d25-SYD
content-language: en-AU
content-security-policy-report-only: script-src 'self' *.healius.com.au cdn.jsdelivr.net cdnjs.cloudflare.com code.jquery.com unpkg.com;style-src 'self' *.healius.com.au fonts.googleapis.com;font-src 'self' *.healius.com.au fonts.googleapis.com fonts.gstatic.com;img-src 'self' *.healius.com.au cdn.cloudflare.com;frame-src 'self' *.healius.com.au;media-src 'self' *.healius.com.au;object-src 'none';child-src 'none';worker-src 'none';manifest-src 'none';prefetch-src 'none';connect-src 'none';navigate-to *.healius.com.au *.live.com *.microsoftonline.com login.microsoft.com;form-action *.healius.com.au *.live.com *.microsoftonline.com login.microsoft.com;default-src 'self' *.healius.com.au;
content-type: text/html;charset=UTF-8
date: Wed, 15 May 2024 03:59:02 GMT
expires: 0
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 healius-brand.min.css
web-assets.apps.healius.com.au/css/ 449 KB
52 KB 404ms
62ms Stylesheet
text/css 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-assets.apps.healius.com.au/css/healius-brand.min.css

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443d46d922ee9ff5a47c5c6227fef6a2169d5d7f488bcf80a3d936646ab9c491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 13:39:39 GMT
server: cloudflare
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368cb8e15c09-SYD
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 patientEReferral.min.css
web-assets.apps.healius.com.au/css/eReferral/ 1 KB
939 B 379ms
38ms Stylesheet
text/css 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-assets.apps.healius.com.au/css/eReferral/patientEReferral.min.css

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48018830be95e1e47876eacb7447c7ddc7af86618a12612f508fa61aca600f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 13:39:39 GMT
server: cloudflare
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368cb8e45c09-SYD
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 212ms
108ms Stylesheet
text/css 142.250.71.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.74 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f10.1e100.net

Software

ESF /

Resource Hash

7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 May 2024 03:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 May 2024 03:30:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 May 2024 03:59:02 GMT

GET HealiusPathology_null.svg
web-assets.apps.healius.com.au/images/medway/images/ 0
0

GET
H2 200 popper.min.js Show response
web-assets.apps.healius.com.au/js/ 18 KB
7 KB 396ms
56ms Script
application/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-assets.apps.healius.com.au/js/popper.min.js

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 13:39:39 GMT
server: cloudflare
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368cb8e95c09-SYD
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 bootstrap.min.js Show response
web-assets.apps.healius.com.au/js/ 58 KB
16 KB 366ms
46ms Script
application/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-assets.apps.healius.com.au/js/bootstrap.min.js

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f362f2fcaa0a48763648a0dad24cf9ffecf2c21fc30332b3b9248c20dbc76dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 13:39:39 GMT
server: cloudflare
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368cb8f35c09-SYD
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 patientEReferral.min.js Show response
web-assets.apps.healius.com.au/js/eReferral/ 425 B
327 B 371ms
52ms Script
application/javascript 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://web-assets.apps.healius.com.au/js/eReferral/patientEReferral.min.js

Requested by

Host: ereferral.apps.healius.com.au
URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a97414705a452f7bac72219d38729deaa1292f0fe04159a7016fa55e3ec2a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 11 Apr 2024 13:39:39 GMT
server: cloudflare
content-encoding: gzip
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368cb8f15c09-SYD
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 360ms
4ms Font
font/woff2 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ereferral.apps.healius.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 01:37:42 GMT
x-content-type-options: nosniff
age: 440481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 01:37:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 364ms
8ms Font
font/woff2 142.250.71.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.67 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f3.1e100.net

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ereferral.apps.healius.com.au
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 01:32:30 GMT
x-content-type-options: nosniff
age: 440793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 May 2025 01:32:30 GMT

GET
H2 200 favicon.ico
ereferral.apps.healius.com.au/ 4 KB
297 B 44ms
44ms Other
image/x-icon 172.64.153.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ereferral.apps.healius.com.au/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.64.153.27 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f41ee55e60ac39390101de036c30ee5ceb2b1f4cce444317066933d54e08e89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral
Accept-Language: en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 03:59:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: script-src 'self' *.healius.com.au cdn.jsdelivr.net cdnjs.cloudflare.com code.jquery.com unpkg.com;style-src 'self' *.healius.com.au fonts.googleapis.com;font-src 'self' *.healius.com.au fonts.googleapis.com fonts.gstatic.com;img-src 'self' *.healius.com.au cdn.cloudflare.com;frame-src 'self' *.healius.com.au;media-src 'self' *.healius.com.au;object-src 'none';child-src 'none';worker-src 'none';manifest-src 'none';prefetch-src 'none';connect-src 'none';navigate-to *.healius.com.au *.live.com *.microsoftonline.com login.microsoft.com;form-action *.healius.com.au *.live.com *.microsoftonline.com login.microsoft.com;default-src 'self' *.healius.com.au;
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 30 Mar 2024 15:18:06 GMT
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-ray: 8840368fb8885d25-SYD
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web-assets.apps.healius.com.au
URL: https://web-assets.apps.healius.com.au/images/medway/images/HealiusPathology_null.svg

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ereferral.apps.healius.com.au/	1969-12-31 23:59:59	Name: SESSION Value: MjdkYzFmOGMtMzExNC00ZTEyLThkZDctY2YxYWNkYzhiZGEw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral Message: Failed to load resource: the server responded with a status of 500 ()
security	error	URL: https://ereferral.apps.healius.com.au/WDP/ref/YPU9QT/referral Message: Unrecognized Content-Security-Policy directive 'prefetch-src'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ereferral.apps.healius.com.au
fonts.googleapis.com
fonts.gstatic.com
web-assets.apps.healius.com.au
web-assets.apps.healius.com.au
142.250.71.67
142.250.71.74
172.64.153.27
443d46d922ee9ff5a47c5c6227fef6a2169d5d7f488bcf80a3d936646ab9c491
48018830be95e1e47876eacb7447c7ddc7af86618a12612f508fa61aca600f38
5a97414705a452f7bac72219d38729deaa1292f0fe04159a7016fa55e3ec2a71
7e7fd9f1e6fd2387dc2a5bb83cb72a1c44206347ad8ffde69bcab829cf88b1ff
e0c5b40f01e62f309ba682f138864f647b1df92b1719cefc726b8dae58d9123f
f362f2fcaa0a48763648a0dad24cf9ffecf2c21fc30332b3b9248c20dbc76dc7
f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd
f41ee55e60ac39390101de036c30ee5ceb2b1f4cce444317066933d54e08e89b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

ereferral.apps.healius.com.au Open in urlscan Pro 172.64.153.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

113 kBTransfer

592 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

ereferral.apps.healius.com.au Open in urlscan Pro
172.64.153.27 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

113 kB
Transfer

592 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions