batman.erx-14176.stage.getheally.com Open in urlscan Pro
44.238.71.192 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://batman.erx-14176.stage.getheally.com/
Effective URL:
https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
Submission: On July 25 via api (July 25th 2024, 3:24:43 am UTC) from US — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 56 HTTP transactions. The main IP is 44.238.71.192, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is batman.erx-14176.stage.getheally.com.
TLS certificate: Issued by R11 on July 24th 2024. Valid for: 3 months.

This is the only time batman.erx-14176.stage.getheally.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	44.238.71.192 44.238.71.192	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	18.66.107.219 18.66.107.219	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
14	104.126.37.178 104.126.37.178	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
56	22

8 44.238.71.192 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-71-192.us-west-2.compute.amazonaws.com

batman.erx-14176.stage.getheally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
erx-14176.stage.getheally.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.107.219 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-219.fra56.r.cloudfront.net

dbuxvggzyqqg6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.126.37.178 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-178.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	150 KB
8	getheally.com 1 redirects batman.erx-14176.stage.getheally.com erx-14176.stage.getheally.com	2 MB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 o.clarity.ms — Cisco Umbrella Rank: 12757 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104 region1.google-analytics.com — Cisco Umbrella Rank: 3123	21 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567 fonts.googleapis.com — Cisco Umbrella Rank: 110	208 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	292 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3773
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 252	418 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1335 script.hotjar.com — Cisco Umbrella Rank: 2017	60 KB
2	gstatic.com fonts.gstatic.com	62 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	75 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	775 B
1	google.de www.google.de — Cisco Umbrella Rank: 6716	63 B
1	cloudfront.net dbuxvggzyqqg6.cloudfront.net	2 KB
1	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 12556	50 KB
0	hs-scripts.com Failed js.hs-scripts.com Failed
56	17

	Domain	Requested by
14	analytics.tiktok.com	batman.erx-14176.stage.getheally.com analytics.tiktok.com
5	www.google-analytics.com	batman.erx-14176.stage.getheally.com www.googletagmanager.com www.google-analytics.com
5	erx-14176.stage.getheally.com	batman.erx-14176.stage.getheally.com
4	maps.googleapis.com	batman.erx-14176.stage.getheally.com maps.googleapis.com
3	www.googletagmanager.com	batman.erx-14176.stage.getheally.com www.googletagmanager.com
3	batman.erx-14176.stage.getheally.com	1 redirects erx-14176.stage.getheally.com
2	c.clarity.ms	1 redirects
2	o.clarity.ms	www.clarity.ms analytics.tiktok.com
2	www.facebook.com	batman.erx-14176.stage.getheally.com
2	region1.analytics.google.com	www.googletagmanager.com analytics.tiktok.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.clarity.ms	batman.erx-14176.stage.getheally.com www.clarity.ms
2	fonts.gstatic.com	erx-14176.stage.getheally.com fonts.googleapis.com
2	connect.facebook.net	batman.erx-14176.stage.getheally.com connect.facebook.net
1	c.bing.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	batman.erx-14176.stage.getheally.com
1	static.hotjar.com	batman.erx-14176.stage.getheally.com
1	fonts.googleapis.com	erx-14176.stage.getheally.com
1	dbuxvggzyqqg6.cloudfront.net	batman.erx-14176.stage.getheally.com
1	js.braintreegateway.com	batman.erx-14176.stage.getheally.com
0	js.hs-scripts.com Failed	batman.erx-14176.stage.getheally.com
56	23

This site contains no links.

Subject Issuer	Validity	Valid
erx-14176.stage.getheally.com R11	`2024-07-24` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-06-13` - `2025-06-12`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-03` - `2024-08-01`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.de WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
Frame ID: 4E06574AFDF32B384D5B211AEC776C2B
Requests: 56 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Partners Landing | Heally

Page URL History Show full URLs

https://batman.erx-14176.stage.getheally.com/ HTTP 302
https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

56
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

2657 kB
Transfer

6761 kB
Size

22
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://batman.erx-14176.stage.getheally.com/ HTTP 302
https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&RedC=c.clarity.ms&MXFR=245088E8B6636E1330619C2FB26360A3 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&MUID=22D6AA37A82E68C52FF1BEF0A9A569BD

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request partners_landing Show response
batman.erx-14176.stage.getheally.com/patient_admin/
Redirect Chain

https://batman.erx-14176.stage.getheally.com/
https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

15 KB
7 KB

260ms
259ms

Document
text/html

44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

e6511f6271556dd514337b5acf7cc986e9a191a243b49cbb8222df70035eb60f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 25 Jul 2024 03:24:34 GMT
etag: W/"e6511f6271556dd514337b5acf7cc986"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 6670bab3797c9155feac7e1b732bbd0a
x-runtime: 0.071260
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-cache
content-type: text/html; charset=utf-8
date: Thu, 25 Jul 2024 03:24:33 GMT
location: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 3983c6e67200d9bd6fd47feed5c2b5a9
x-runtime: 0.005262
x-xss-protection: 1; mode=block

GET
H2 200 application-0f21086a320fccc8c93fb22db75e3dd30f85a91bf714045e0a3f82cc23e6524c.css
erx-14176.stage.getheally.com/assets/ 2 MB
609 KB 208ms
174ms Stylesheet
text/css 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://erx-14176.stage.getheally.com/assets/application-0f21086a320fccc8c93fb22db75e3dd30f85a91bf714045e0a3f82cc23e6524c.css

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

c91826300b370305d39987934cf5745869eb0107547577d92b40e580d9580227

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 Jul 2024 15:07:39 GMT
etag: "66a118bb-97c83"
vary: Accept-Encoding
content-type: text/css
content-length: 621699

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 278 KB
92 KB 90ms
37ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB4u6hv7R5EmduUjaFH8YjLf9sLfyvZzEc&language=en&region=US

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

16eb49ed0fe393f5d80f2ec2add8527136e552ab7db18262d1b5880b4d2093c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94291
x-xss-protection: 0

GET 5248905.js
js.hs-scripts.com/ 0
0

GET
H2 200 application-14773c75a6a048f465e195720794bfa76d08b9b59baf0dae94363d3a0fcec83c.js Show response
erx-14176.stage.getheally.com/assets/patient_auth/ 978 KB
264 KB 567ms
534ms Script
application/javascript 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://erx-14176.stage.getheally.com/assets/patient_auth/application-14773c75a6a048f465e195720794bfa76d08b9b59baf0dae94363d3a0fcec83c.js

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

ee44de6398db19c63fef7a4c21b8fbfb0f5995b17364726ef1ba4a353ec7fe1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 Jul 2024 15:07:39 GMT
etag: "66a118bb-41ad5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
content-length: 269013

GET
H2 200 braintree.js Show response
js.braintreegateway.com/v2/ 175 KB
50 KB 88ms
11ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/v2/braintree.js

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBB) /

Resource Hash

d6e0061b4cd5bfe96e4a8c1e2cb11e61d5032b566557827a0523260aaca2ff86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: b5de8ef277ac3
dc: ccg11-origin-www-1.paypal.com
content-length: 50990
last-modified: Wed, 20 Sep 2023 21:16:28 GMT
server: ECAcc (frc/4CBB)
traceparent: 00-0000000000000000000b5de8ef277ac3-287af4fd5eef2e79-01
etag: W/"650b612c-2bc49"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com

GET
H2 200 heally.js Show response
dbuxvggzyqqg6.cloudfront.net/stat_assets/ 4 KB
2 KB 523ms
447ms Script
application/javascript 18.66.107.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dbuxvggzyqqg6.cloudfront.net/stat_assets/heally.js?production-6df46fd2
Requested by: Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.107.219 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-107-219.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: 38f4332d0cacaaf2befd13beaee222acb8dc05f4f41d9e1d02b5d46106366c00

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-encoding: gzip
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-original-content-length: 7390
server: nginx/1.22.0
x-amz-cf-pop: FRA56-P5
etag: W/"PSA-aj-FrU_yXSbY7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
content-length: 1615
x-amz-cf-id: UOT8SGC3PZkqXJXWtsnH7OGnbl6mgamrauwv__E37npc4TnKMMUCig==
expires: Thu, 25 Jul 2024 03:08:37 GMT

GET
H2 200 38957.png
erx-14176.stage.getheally.com/cdn_assets/partner_brandings/background/ 733 KB
735 KB 1489ms
1459ms Image
image/png 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erx-14176.stage.getheally.com/cdn_assets/partner_brandings/background/38957.png

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

8d5db76bf1fbd335485b5926b8f5be33069b1412fccaabf068157835e02a39d1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 Jul 2024 15:25:07 GMT
x-amz-request-id: 17E556CDCE4F8128
etag: "84825f844aa673bb467e60cee9547081"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 750176
x-xss-protection: 1; mode=block

GET
H2 200 38956.png
erx-14176.stage.getheally.com/cdn_assets/partner_brandings/logo/ 79 KB
79 KB 1490ms
1461ms Image
image/png 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://erx-14176.stage.getheally.com/cdn_assets/partner_brandings/logo/38956.png

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

4a9a53cbdb7d2359b0eedaf47864ad6059ec765f3a919bf3fe8939c51b1bcf2f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:34 GMT
content-security-policy: block-all-mixed-content
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 Jul 2024 15:25:07 GMT
x-amz-request-id: 17E556CDCE4FD793
etag: "9a95a8ffb852f0b55d1e37aaeceb692c"
vary: Origin, Accept-Encoding
content-type: image/png
accept-ranges: bytes
content-length: 80850
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 86ms
22ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en

Requested by

Host: erx-14176.stage.getheally.com
URL: https://erx-14176.stage.getheally.com/assets/application-0f21086a320fccc8c93fb22db75e3dd30f85a91bf714045e0a3f82cc23e6524c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 03:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 02:07:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 03:24:36 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 39ms
16ms XHR
application/json 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB4u6hv7R5EmduUjaFH8YjLf9sLfyvZzEc&language=en&region=US

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
112 KB 102ms
44ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRCKMQ2

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a89ef5d0c9038186fd24db748d4f89da0f726bc6ac9059571a70ed7bf03a14cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114432
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jul 2024 03:24:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 61ms
12ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 02:53:22 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Jul 2024 04:53:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 54ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 03:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1297, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 8unvUjDMnaihuF7QQwMi9KID9aoV9lptUhGjosg9wlEp5hq7IXAbMtA9XVNDPm2ycPkxUjRZ0mjrtOK1Q5NOVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff
fonts.gstatic.com/s/opensans/v13/ 14 KB
14 KB 235ms
22ms Font
font/woff 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3bO3LdcAZYWl9Si6vvxL-qU.woff

Requested by

Host: erx-14176.stage.getheally.com
URL: https://erx-14176.stage.getheally.com/assets/application-0f21086a320fccc8c93fb22db75e3dd30f85a91bf714045e0a3f82cc23e6524c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4194a431cca6678145f2c4d7d2e597087e2a76a4878c26b66315b2ba4f4ea393

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://erx-14176.stage.getheally.com/
Origin: https://batman.erx-14176.stage.getheally.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 15:16:26 GMT
x-content-type-options: nosniff
age: 130090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 15:16:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 222ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&lang=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://batman.erx-14176.stage.getheally.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 12:26:16 GMT
x-content-type-options: nosniff
age: 140300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Jul 2025 12:26:16 GMT

GET
H2 200 token Show response
batman.erx-14176.stage.getheally.com/patient_admin/braintree/ 2 KB
2 KB 615ms
615ms XHR
application/json 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://batman.erx-14176.stage.getheally.com/patient_admin/braintree/token

Requested by

Host: erx-14176.stage.getheally.com
URL: https://erx-14176.stage.getheally.com/assets/patient_auth/application-14773c75a6a048f465e195720794bfa76d08b9b59baf0dae94363d3a0fcec83c.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

cea6d1a7f0517bc5047062a23e75ed878be0d67c4f07881c1817075d8728c314

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
X-CSRF-Token: uC8Qb6jahrTOd7tSY7DYMmTdJ30Zs6QD4gZXZ9G3KyzKRKmYboyHT4b8sJIC-4RHNTVh2HHOI9_-DaoAnxI1vg
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-runtime: 0.430187
date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"cea6d1a7f0517bc5047062a23e75ed87"
x-download-options: noopen
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-xss-protection: 1; mode=block
x-request-id: ebc2a19b1532a60af16da124551a447c

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
94 KB 27ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDD68W0NRL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRCKMQ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

993e3b39d004bb0a8f769f1d804f98dd2beeb3fdcd2c504cc0308cbe3232d516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95800
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 03:24:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 0ms
0ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRCKMQ2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 02:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1874
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 25 Jul 2024 04:53:22 GMT

GET
H2 200 ak8wz7jldi Show response
www.clarity.ms/tag/ 802 B
1 KB 361ms
230ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ak8wz7jldi?ref=gtm2
Requested by: Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0c4dc1cd11885ee5b291c5c132abbde334d70089f6178f13bdf44e37953bd1b0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jul 2024 03:24:36 GMT
x-azure-ref: 20240725T032436Z-16b8f8f97cf2w2xxe3ctwcqumc0000000140000000001was
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 802
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 426ms
165ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH9BERJC77U3R61ELVCG&lib=ttq
Requested by: Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 597293ebd1e4c31bd4718fd7da11a4e059932243fbfdc977a1a276a9a32dab46

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 12234973.11440419
date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407250324364F8BB685108F2F5C0A11-0EB49D2BB1AD9B9A-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 114,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=110, origin; dur=14, inner; dur=9
content-length: 1630
pragma: no-cache
server: nginx
x-tt-logid: 202407250324364F8BB685108F2F5C0A11
x-cache-remote: TCP_MISS from a23-218-223-70.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.218.223.70
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b42611b07f0dea2c57495ae84a13d2798e233a4b473456256ab91e3db44eddc0df644846f7dcac7f47232459f31f4e0c4529243b213dfb302f72d40145d896c464b8c08dc160c65e7cdf78578d33ca8e7028f
expires: Thu, 25 Jul 2024 03:24:37 GMT

GET
H2 200 hotjar-3802113.js Show response
static.hotjar.com/c/ 10 KB
5 KB 173ms
45ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3802113.js?sv=6

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

e73a9f0216c7e6057715ba566ecbadadd783dea11ff8959488e1ee64a7f2f5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 25 Jul 2024 03:24:36 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/d1a71320688d26aaed5b71b26fe33f1e
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: IDIx8MR1HwPKQFU0hmqzVApFLhT6Nw4CpvT-qrB9ed88I2zKHdCRnQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
223 B 16ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=458373670&t=pageview&_s=1&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&ul=de-de&de=UTF-8&dt=Partners%20Landing%20%7C%20Heally&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAAEABBAAAACAAI~&jid=791950959&gjid=476460624&cid=53632391.1721877877&tid=UA-75603698-2&_gid=190748580.1721877877&_r=1&_slc=1&z=452240461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
69 B 18ms
16ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=458373670&t=pageview&_s=1&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&ul=de-de&de=UTF-8&dt=Partners%20Landing%20%7C%20Heally&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=619083944&gjid=1300613281&cid=53632391.1721877877&tid=UA-75603698-1&_gid=190748580.1721877877&_slc=1&gtm=45He47o0n81MRCKMQ2v77579268za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=635428765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
361 B 130ms
22ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75603698-1&cid=53632391.1721877877&jid=619083944&gjid=1300613281&_gid=190748580.1721877877&npa=1&_u=YGDAiEABBAAAAGAAI~&z=1349785202

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 25 Jul 2024 03:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
69 B 15ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=458373670&t=pageview&_s=1&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&ul=de-de&de=UTF-8&dt=Partners%20Landing%20%7C%20Heally&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAGAAI~&jid=704746106&gjid=274016250&cid=53632391.1721877877&tid=%5Bobject%20Object%5D&_gid=190748580.1721877877&_r=1&_slc=1&gtm=45He47o0n81MRCKMQ2v77579268za200&gcd=13l3l3l2l1&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=1871619267

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3718756291488156 Show response
connect.facebook.net/signals/config/ 70 KB
15 KB 106ms
104ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3718756291488156?v=2.9.162&r=stable&domain=batman.erx-14176.stage.getheally.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d36da05127137405ff1aa46678a705e80457b4597391ff3a2665c2859f3f8372

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 03:24:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=65, mss=1297, tbw=64222, tp=-1, tpl=-1, uplat=90, ullat=0
pragma: public
x-fb-debug: 7pryNo1wbLu3IsGtNzzYb4FcAT23N7sN2/WpxCFJIlW3S7e5QdoxQBc1t7F/yBrd1lWjbvtYTyoTgOBK0UBFjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 241 KB
86 KB 50ms
47ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-2X87VRCB7N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDD68W0NRL&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a0c1d71ef738dd8c82235fbe0c3935a5c461d3bd59eb3e562445e0e4496833a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 25 Jul 2024 03:24:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 77ms
8ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDD68W0NRL&gtm=45je47o0v869736044z877579268za200zb77579268&_p=1721877876085&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=53632391.1721877877&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721877876&sct=1&seg=0&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&dt=Partners%20Landing%20%7C%20Heally&en=page_view&_fv=1&_ss=1&tfd=3335
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDD68W0NRL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 32ms
22ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KDD68W0NRL&cid=53632391.1721877877&gtm=45je47o0v869736044z877579268za200zb77579268&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDD68W0NRL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 56ms
22ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KDD68W0NRL&cid=53632391.1721877877&gtm=45je47o0v869736044z877579268za200zb77579268&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1&npa=1&frm=0&z=267002895

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 87ms
9ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3718756291488156&ev=PageView&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com&rl=&if=false&ts=1721877876970&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721877876959.183853575872695914&cs_est=true&pm=1&hrl=368e0d&ler=empty&cdl=API_unavailable&it=1721877876656&coo=false&cs_cc=1&rqm=GET

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Jul 2024 03:24:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 243ms
165ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3718756291488156&ev=PageView&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com&rl=&if=false&ts=1721877876970&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721877876959.183853575872695914&cs_est=true&pm=1&hrl=368e0d&ler=empty&cdl=API_unavailable&it=1721877876656&coo=false&cs_cc=1&rqm=FGET

Requested by

Host: batman.erx-14176.stage.getheally.com
URL: https://batman.erx-14176.stage.getheally.com/patient_admin/partners_landing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 25 Jul 2024 03:24:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395409169916416099", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=14, mss=1297, tbw=3157, tp=-1, tpl=-1, uplat=156, ullat=0
pragma: no-cache
x-fb-debug: zlHiyNqVWZC9o0xP4KnGQoAFKJHtFnyQjh6ILcKi/1H5e1/Qfmhk/nUHuYMbq72YpW898Da0pMfKKEPkn4mYMg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395409169916416099"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.6c69b5997f314810cfe8.js Show response
script.hotjar.com/ 223 KB
56 KB 85ms
10ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6c69b5997f314810cfe8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3802113.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 23 Jul 2024 09:41:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 150210
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56293
last-modified: Tue, 23 Jul 2024 09:40:30 GMT
etag: "30c513084f4759247a82ab90e6ffe4cb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OUZnHdDiess_L_U6FcVUqu_gp1muZadGQaOZ5bGgi54tZibyWuqjtQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 22ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2X87VRCB7N&gtm=45je47o0v892390484z877579268za200zb869736044&_p=1721877876085&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=53632391.1721877877&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721877877&sct=1&seg=0&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&dt=Partners%20Landing%20%7C%20Heally&en=set_user_type&_fv=1&_ss=1&up.user_type=patient&tfd=3545
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-2X87VRCB7N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 19ms
17ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ak8wz7jldi?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 00:36:01 GMT
etag: W/"0x8DCAB7897E68837"
vary: Accept-Encoding
x-azure-ref: 20240725T032437Z-16b8f8f97cf2w2xxe3ctwcqumc0000000140000000001wb1
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: d758b9a5-e01e-003c-7065-dd071c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 main.MTNjMWMzYmIwNA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 347 KB
99 KB 31ms
31ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CH9BERJC77U3R61ELVCG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 091c39b305f8b652632b8e988245b297df2d019f06dc6340f8586c3b4fda47e0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11440823
date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407231721541B0B345840C9B0B5AE08
x-tt-trace-id: 00-2407231721541B0B345840C9B0B5AE08-48AADF83D1E73D6F-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ff7431fe6c24842934f1d866bf3a6b62f0dbb2b5083fc529abcd2e247d8def9a289e31d4db8e8f07a6f17f21c744a82e7a9cd44cf3719226e4caab7fd5a11fe433d25ae8b35f07d5df607f3bda8934bc274751f8cded90791e06a158d6b1a1d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 101175

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
300 B 366ms
157ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.41/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://batman.erx-14176.stage.getheally.com
Date: Thu, 25 Jul 2024 03:24:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 identify_59f29ac9.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
39 KB 41ms
40ms Script
application/javascript 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 11440c05
date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024072317211477A3FCB7DB91A3B6FC0D
x-tt-trace-id: 00-24072317211477A3FCB7DB91A3B6FC0D-508890FEADF15A58-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 016c4db9c38b9d49db699d52041b27520afda03e2b725943f3c73d461a02b351a82b3ea9804d9cfacfc7ed4beed50dc7b5a0123df87472d83cc844837080de3779646e14bbc2d6fd7861cd7d7e80e6b3a9d1a95f1da56af07e1a0e51a7d206ab90
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 39639

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
844 B 261ms
258ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b81c50.11440cc0
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407250324377779026B542B44591684-790A539C9147EC36-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 157,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=160, origin; dur=21, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407250324377779026B542B44591684
x-cache-remote: TCP_MISS from a23-218-223-77.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 21,23.218.223.77
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b42611bf90ada07fdd1dfb7dfd9af10735daf28a416e1c04154dae5c1db90fde72df51787d5d7fcdba664a5fb4f19744d8467a8b5114b222b2966bffd681109ba0ff710f97bf4434cc237253ea922ae27a768
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
843 B 201ms
199ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 9c795c3.11440cc1
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437098EBE2660512F531ACC-08521AB71D6AA151-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 126,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=122, origin; dur=18, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437098EBE2660512F531ACC
x-cache-remote: TCP_MISS from a23-218-223-83.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 18,23.218.223.83
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b4261bc19cdb454061e6b67d5b0918af1f28605ec4768e4682c409c7953403c49c20de35e100634f108e3ec9c824386c948a0ca77212a4f359387f0bb4857368513bef769a319cc6222c270a8733b6c9554d7
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
845 B 221ms
218ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f12a4c28.11440cc2
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437C484150DD16CFD541988-73F03924CB8E8AA3-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 140,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=143, origin; dur=19, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437C484150DD16CFD541988
x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.218.223.80
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b426141359ba7d37303e075cc82ae6c7a0eaa1c191501f61ebb75e662f8e5f3c1b823321cd46767fb29829d34229edaad2618787892d712125b69a055b1befe649392b22293b2c53d277379904fcb3c706212
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
848 B 222ms
220ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cc65354.11440cc3
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437F8808507BBC294EB0E63-44CEF6D273B68BD4-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 127,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=133, origin; dur=16, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437F8808507BBC294EB0E63
x-cache-remote: TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.218.223.74
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b426132c3f3a49d92c142f53f80203b541fa4b101e694696d9e9a397de6907b78aea088b83e63981dabc6667ebb69b068fe6c7dfc63a1cd3fd55a1075494d09cff19f409ac1e433d3cf1b105b94c0c59428b9
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
846 B 198ms
194ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c676b285.11440cc4
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072503243743E922463CDCC6C4CE63-3DB1FDDFDE6AC385-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 113,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=116, origin; dur=16, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024072503243743E922463CDCC6C4CE63
x-cache-remote: TCP_MISS from a23-218-223-90.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.218.223.90
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b4261f6310c1805db7f971d881aa13aebf515f3d39dcb65130e8e561bca0a11e5049fcc030241a3fbbe9d25c8e4ca7a6c2af492c443221552d03c97652c2ae6f5c8fa6585b4fe3a972a9a3f9f9e3ff5dd27e1
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
845 B 238ms
234ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f12a4ca9.11440cc5
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072503243745BA0411FC82F6C3778F-56E6C050766FCF49-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 129,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=140, origin; dur=16, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024072503243745BA0411FC82F6C3778F
x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.218.223.80
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b426141359ba7d37303e075cc82ae6c7a0eaa156791d8a61d299d11b46c8bed33aed9820b7e0f86e9579f9775517beb1fb5f5027c8dbe6b7b9a80e843392768b0be1e9af97a2a52724c65bad80b8bcf2d4ebf
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
846 B 193ms
192ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4dc643a7.11440cc6
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407250324375AD562E7E07F30BFB5A9-49720C0BD8965CEB-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 117,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=118, origin; dur=13, inner; dur=9
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407250324375AD562E7E07F30BFB5A9
x-cache-remote: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 13,23.218.223.73
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b42611bfd94aabd33874c93e510a298b871ae4def16fa4fa8a456d17dacc545389364cb5a14cd18b16df772ea637309037e7fabf6ff8d0da04b57038e85ad6805a5e5153c339f6dc1b37cb27f9636022f019a
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
846 B 205ms
203ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6d1bfcd.11440cc7
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437A6EF5CAEEAB309CCC488-09DA84F0B2654A91-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 138,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=41, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437A6EF5CAEEAB309CCC488
x-cache-remote: TCP_MISS from a23-218-223-72.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 41,23.218.223.72
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b42612ebefe3541cc930c0fa26275d7a759c29ef50203cc3fd4130934963c71b7bd79a0b7f96c54c43fe60a3f5990f697a194c9d125f852865b1e1dac8161917d0a30525f15e678f37c2ca06e7e93d1dcb2c6
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
850 B 389ms
387ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f12a4d64.11440db4
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437C7C7B77D6BC1BB5D49AE-51960B55D4B44BEC-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 292,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=127, origin; dur=177, inner; dur=175
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437C7C7B77D6BC1BB5D49AE
x-cache-remote: TCP_MISS from a23-218-223-80.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 177,23.218.223.80
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b426141359ba7d37303e075cc82ae6c7a0eaa97c5d3f213b0a6298c055ec92863be28b49f235404c7e5e1601caf89240809eb0168b07579cd94c6d8a6fa5cbcf26f798d7b8a95f5abfc4f406bed2092aa3e5c
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&RedC=c.clarity.ms&MXFR=245088E8B6636E1330619C2FB26360A3
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&MUID=22D6AA37A82E68C52FF1BEF0A9A569BD

42 B
442 B

30ms
30ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&MUID=22D6AA37A82E68C52FF1BEF0A9A569BD
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:37 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 899D7D1ACF7048A2895DAD8F73E1AD23 Ref B: FRA31EDGE0508 Ref C: 2024-07-25T03:24:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=9B16A410FE8E4CAFB243479238C2582A&MUID=22D6AA37A82E68C52FF1BEF0A9A569BD
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 favicon-dae32be53270bbfac3e048b5bbe95d880807be4f20936df343ed2b393a00ab41.ico
erx-14176.stage.getheally.com/assets/ 9 KB
9 KB 183ms
183ms Other
image/x-icon 44.238.71.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://erx-14176.stage.getheally.com/assets/favicon-dae32be53270bbfac3e048b5bbe95d880807be4f20936df343ed2b393a00ab41.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.71.192 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-71-192.us-west-2.compute.amazonaws.com

Software

Resource Hash

b3537d28f46076535768b2a795f0bb01aac36696ffa3e993129d47dad5d18d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:24:37 GMT
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 Jul 2024 15:07:39 GMT
etag: "66a118bb-24a1"
vary: Accept-Encoding
content-type: image/x-icon
content-length: 9377

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
846 B 250ms
248ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4dc648a7.11441087
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725032437748AFCED0C5D06066BA2-5DB3936DCE569014-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 150,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=165, origin; dur=19, inner; dur=16
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725032437748AFCED0C5D06066BA2
x-cache-remote: TCP_MISS from a23-218-223-73.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.218.223.73
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b42611bfd94aabd33874c93e510a298b871aeffb2688b609bb0c49596bcc7445783c129f8c141f9ff73a7105145ae68c8009b1fc03654b9fe0b1af0cc52bd9ccc8e126525c2883a45a8850d335820b40302f6
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
845 B 199ms
197ms Ping
text/plain 104.126.37.178
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.178 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-178.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: cc655bb.11441089
date: Thu, 25 Jul 2024 03:24:37 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072503243707FF76E6AB5D7E565F84-77AC4119900692DD-00
x-cache: TCP_MISS from a104-126-37-174.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
x-parent-response-time: 140,104.126.37.174
server-timing: cdn-cache; desc=MISS, edge; dur=130, origin; dur=24, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024072503243707FF76E6AB5D7E565F84
x-cache-remote: TCP_MISS from a23-218-223-74.deploy.akamaitechnologies.com (AkamaiGHost/11.5.4-57255204) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.218.223.74
x-tt-trace-host: 01b825ce7ef1940bdc91a721cec84a25ac76df2751a2a8ede8d8a5c8e48e0b426132c3f3a49d92c142f53f80203b541fa4724ac9521a712292f278a89b5105ebecf104e7f1a00ebdf6af1276b0bea10315dfebaf3e5b7fa231a4826ef44a74ddb6f2912d95b298f1b7b043620edcd79319
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 03:24:37 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
300 B 97ms
95ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://batman.erx-14176.stage.getheally.com
Date: Thu, 25 Jul 2024 03:24:38 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/9/ 266 KB
57 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB4u6hv7R5EmduUjaFH8YjLf9sLfyvZzEc&language=en&region=US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f2c2243d80b61160c2b2da1ee4906b583c328db3087c30edacba4486789dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 24 Jul 2024 20:41:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57846
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 20:36:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jul 2025 20:41:15 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/9/ 185 KB
57 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?libraries=places&key=AIzaSyB4u6hv7R5EmduUjaFH8YjLf9sLfyvZzEc&language=en&region=US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3967d836188ae439a4db64f444fc9d9b9bdb240821b99abffc414d36ea95e6cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 03:04:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57773
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 20:36:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Jul 2025 03:04:24 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 15ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KDD68W0NRL&gtm=45je47o0v869736044za200zb77579268&_p=1721877876085&gcd=13l3l3l2l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=53632391.1721877877&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721877876&sct=1&seg=0&dl=https%3A%2F%2Fbatman.erx-14176.stage.getheally.com%2Fpatient_admin%2Fpartners_landing&dt=Partners%20Landing%20%7C%20Heally&en=scroll&epn.percent_scrolled=90&_et=44&tfd=8389
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTNjMWMzYmIwNA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://batman.erx-14176.stage.getheally.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 03:24:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://batman.erx-14176.stage.getheally.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.hs-scripts.com
URL: https://js.hs-scripts.com/5248905.js

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
batman.erx-14176.stage.getheally.com/	1969-12-31 23:59:59	Name: download_signature Value: ca726f3ea9dae073408406ad91e89a2d
.getheally.com/	1970-01-21 00:27:33	Name: _gcl_au Value: 1.1.1562531338.1721877877
.getheally.com/	1970-01-20 22:19:24	Name: _gid Value: GA1.2.190748580.1721877877
.getheally.com/	1970-01-20 22:17:57	Name: _gat Value: 1
.getheally.com/	1970-01-20 22:17:57	Name: _dc_gtm_UA-75603698-1 Value: 1
.getheally.com/	1970-01-20 22:17:57	Name: _gat_%5Bobject%20Object%5D Value: 1
.getheally.com/	1970-01-21 07:53:57	Name: _ga Value: GA1.1.53632391.1721877877
.getheally.com/	1970-01-21 07:53:57	Name: _ga_KDD68W0NRL Value: GS1.1.1721877876.1.0.1721877876.60.0.0
.getheally.com/	1970-01-21 00:27:33	Name: _fbp Value: fb.1.1721877876959.183853575872695914
www.clarity.ms/	1970-01-21 07:03:33	Name: CLID Value: 8b253f9f19724858b1fec27d5d13a866.20240725.20250725
.getheally.com/	1970-01-21 07:53:57	Name: _ga_2X87VRCB7N Value: GS1.1.1721877877.1.0.1721877877.0.0.0
.tiktok.com/	1970-01-21 07:39:33	Name: _ttp Value: 2jilesH1WqrrrTmkUQdVZsktP9X
batman.erx-14176.stage.getheally.com/	1969-12-31 23:59:59	Name: _equotech_session Value: OHV6N2NSajZqQU9hMEVib3EvTUc0dzYxeFJFeU1JaFcybW51SEdXSmVPNGwxRThGaVpiczJSWU0vc3RVWVF2VytCbXhBV052MUZwcTdGWkdhSTBUL1M4bTkrSFVGUjBGdTFYOXl3R2IyYmREdHNNV2lUZCtqSEQyMjQzNElENUdkdHdNbDN1WEtZMHZYS01Xc3g3SmZRa3htdXpBUWpjb3oxVTFLaWVVWlJXNWZQM2s5eFlWa1UwK09KQjhhQm1kK1lGcWg3MndVSW81OStkVkNZSVNXTVpYT3QrL3Z4c1o5bUNCSFlwYmN2NDB1Y3ZjWjFKTXA2SmxHNXdmUTl4Y0NoV3ROMTFLM2llQk1zd1hzT29yRTVHcWRPWmdVL2pWNU5NNDN5eWZyeTBMVld5cVdUMHVUSURZa1FOTGZuN0R4L3NvczQwYWRtblNGZnNKWWE4ektMWDljNFQvWXZCc0tOMjFySkhzRUd5bkpQU0pybHhIK3VQaFkzcWNnYk9zRFFqRko4RWxEWDQ3NXhPNGJ1VjJib3h4M1FzdHhvcE5sNXBUdmRvNkxRanFGL04xQ2xTL0ZiMEF3TEd5VndwNWVHYWxrZFVQNko2dHU3VUJ5MkhiU2c9PS0tRDdtR3lWQ3dtL1FySkdqZG95TVIwQT09--2bd85cbcc21ae2eb14a337800ca08a8d6ed3ec26
.getheally.com/	1970-01-21 07:03:33	Name: _hjSessionUser_3802113 Value: eyJpZCI6IjlmNzU4MzY1LWIxZWQtNWZiNC1iZTg1LWQyNzgwZWJkYjk4OCIsImNyZWF0ZWQiOjE3MjE4Nzc4NzcyMjUsImV4aXN0aW5nIjpmYWxzZX0=
.getheally.com/	1970-01-20 22:17:59	Name: _hjSession_3802113 Value: eyJpZCI6ImFlYzAzZDU0LTZjNTktNDczNC04YWEyLTdlNGYyNDk0YjNlYiIsImMiOjE3MjE4Nzc4NzcyMjYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.bing.com/	1970-01-21 07:39:33	Name: MUID Value: 22D6AA37A82E68C52FF1BEF0A9A569BD
.c.bing.com/	1970-01-20 22:28:02	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:39:33	Name: SRM_B Value: 22D6AA37A82E68C52FF1BEF0A9A569BD
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:39:33	Name: MUID Value: 22D6AA37A82E68C52FF1BEF0A9A569BD
.c.clarity.ms/	1970-01-20 22:28:02	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:17:58	Name: ANONCHK Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://erx-14176.stage.getheally.com/assets/patient_auth/application-14773c75a6a048f465e195720794bfa76d08b9b59baf0dae94363d3a0fcec83c.js(Line 49) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
batman.erx-14176.stage.getheally.com
c.bing.com
c.clarity.ms
connect.facebook.net
dbuxvggzyqqg6.cloudfront.net
erx-14176.stage.getheally.com
fonts.googleapis.com
fonts.gstatic.com
js.braintreegateway.com
js.hs-scripts.com
maps.googleapis.com
o.clarity.ms
region1.analytics.google.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
js.hs-scripts.com
104.126.37.178
13.32.27.21
13.74.129.1
142.250.186.72
172.217.16.195
172.217.23.106
18.66.102.51
18.66.107.219
192.229.221.25
2001:4860:4802:34::36
2620:1ec:bdf::45
2620:1ec:c11::237
2a00:1450:4001:803::200a
2a00:1450:4001:806::2003
2a00:1450:4001:809::200e
2a00:1450:4001:828::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c0c::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
44.238.71.192
52.152.143.207
091c39b305f8b652632b8e988245b297df2d019f06dc6340f8586c3b4fda47e0
0c4dc1cd11885ee5b291c5c132abbde334d70089f6178f13bdf44e37953bd1b0
16eb49ed0fe393f5d80f2ec2add8527136e552ab7db18262d1b5880b4d2093c6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
228d8e3efcde37de9193685d1f5aba49a0c508b3b14b83af774e7aae6bd44b42
29f2c2243d80b61160c2b2da1ee4906b583c328db3087c30edacba4486789dde
31fe46164ce2459191ca1f7727fd742ce01833ee4f705459e88d43f53fcc9f80
38f4332d0cacaaf2befd13beaee222acb8dc05f4f41d9e1d02b5d46106366c00
3967d836188ae439a4db64f444fc9d9b9bdb240821b99abffc414d36ea95e6cb
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4194a431cca6678145f2c4d7d2e597087e2a76a4878c26b66315b2ba4f4ea393
4a9a53cbdb7d2359b0eedaf47864ad6059ec765f3a919bf3fe8939c51b1bcf2f
597293ebd1e4c31bd4718fd7da11a4e059932243fbfdc977a1a276a9a32dab46
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8d5db76bf1fbd335485b5926b8f5be33069b1412fccaabf068157835e02a39d1
993e3b39d004bb0a8f769f1d804f98dd2beeb3fdcd2c504cc0308cbe3232d516
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0c1d71ef738dd8c82235fbe0c3935a5c461d3bd59eb3e562445e0e4496833a0
a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2
a89ef5d0c9038186fd24db748d4f89da0f726bc6ac9059571a70ed7bf03a14cd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3537d28f46076535768b2a795f0bb01aac36696ffa3e993129d47dad5d18d6f
c91826300b370305d39987934cf5745869eb0107547577d92b40e580d9580227
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cea6d1a7f0517bc5047062a23e75ed878be0d67c4f07881c1817075d8728c314
d36da05127137405ff1aa46678a705e80457b4597391ff3a2665c2859f3f8372
d6e0061b4cd5bfe96e4a8c1e2cb11e61d5032b566557827a0523260aaca2ff86
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6511f6271556dd514337b5acf7cc986e9a191a243b49cbb8222df70035eb60f
e73a9f0216c7e6057715ba566ecbadadd783dea11ff8959488e1ee64a7f2f5de
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ee44de6398db19c63fef7a4c21b8fbfb0f5995b17364726ef1ba4a353ec7fe1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

batman.erx-14176.stage.getheally.com Open in urlscan Pro 44.238.71.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

96 %HTTPS

50 %IPv6

17 Domains

23 Subdomains

22 IPs

4 Countries

2657 kBTransfer

6761 kBSize

22 Cookies

0 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

batman.erx-14176.stage.getheally.com Open in urlscan Pro
44.238.71.192 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

2657 kB
Transfer

6761 kB
Size

22
Cookies

56 HTTP transactions
0 data transactions