urlscan.io logo urlscan.io
SecurityTrails logo

next.lumahealth.io Open in urlscan Pro
2606:4700::6812:25e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnUzUzQVVBQUlfZEFvN2RBZ0dHTm5uem9ySk1Gb1NYdnE0ZnlaST0iLCJocmVmIjoiaHR0cHM6...
Effective URL: https://next.lumahealth.io/
Submission: On February 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 39 HTTP transactions. The main IP is 2606:4700::6812:25e, located in United States and belongs to CLOUDFLARENET, US. The main domain is next.lumahealth.io. The Cisco Umbrella rank of the primary domain is 698894.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2022. Valid for: a year.
This is the only time next.lumahealth.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.227.225.220 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
14 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.201.112.186 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.186.194.58 15169 (GOOGLE)
2 52.215.192.131 16509 (AMAZON-02)
1 65.9.58.167 16509 (AMAZON-02)
5 151.101.66.137 54113 (FASTLY)
1 52.218.178.89 16509 (AMAZON-02)
39 12
1    35.227.225.220 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
e.customeriomail.com
7    2606:4700::6812:25e (United States)

ASN13335 (CLOUDFLARENET, US)
next.lumahealth.io
api.lumahealth.io
3    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
2    2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    52.215.192.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-192-131.eu-west-1.compute.amazonaws.com
jhd878wp972s.statuspage.io
1    65.9.58.167 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-167.fra56.r.cloudfront.net
d2yyd1h5u9mauk.cloudfront.net
5    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
fast.trychameleon.com
1    52.218.178.89 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
lumahealth-assets.s3.us-west-2.amazonaws.com
Apex Domain
Subdomains		 Transfer
16 typekit.net
use.typekit.net — Cisco Umbrella Rank: 508
p.typekit.net — Cisco Umbrella Rank: 653
385 KB
7 lumahealth.io
next.lumahealth.io — Cisco Umbrella Rank: 698894
api.lumahealth.io — Cisco Umbrella Rank: 523774
2 MB
5 trychameleon.com
fast.trychameleon.com — Cisco Umbrella Rank: 16968
150 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
2 KB
2 statuspage.io
jhd878wp972s.statuspage.io — Cisco Umbrella Rank: 610076
5 KB
2 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2296
rs.fullstory.com — Cisco Umbrella Rank: 2294
82 KB
1 amazonaws.com
lumahealth-assets.s3.us-west-2.amazonaws.com
104 KB
1 cloudfront.net
d2yyd1h5u9mauk.cloudfront.net
31 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 66
46 KB
1 customeriomail.com
e.customeriomail.com — Cisco Umbrella Rank: 73530
156 B
39 11
Domain Requested by
14 use.typekit.net next.lumahealth.io
use.typekit.net
5 fast.trychameleon.com next.lumahealth.io
fast.trychameleon.com
5 next.lumahealth.io next.lumahealth.io
3 fonts.googleapis.com next.lumahealth.io
2 api.lumahealth.io next.lumahealth.io
2 jhd878wp972s.statuspage.io www.googletagmanager.com
jhd878wp972s.statuspage.io
2 p.typekit.net use.typekit.net
next.lumahealth.io
1 lumahealth-assets.s3.us-west-2.amazonaws.com next.lumahealth.io
1 d2yyd1h5u9mauk.cloudfront.net next.lumahealth.io
1 rs.fullstory.com edge.fullstory.com
1 fonts.gstatic.com fonts.googleapis.com
1 edge.fullstory.com next.lumahealth.io
1 www.googletagmanager.com next.lumahealth.io
1 e.customeriomail.com 1 redirects
39 14

This site contains links to these domains. Also see Links.

Domain
sso.lumahealth.io
support.lumahealth.io
Subject Issuer Validity Valid
lumahealth.io
Cloudflare Inc ECC CA-3		 2022-06-30 -
2023-06-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
use.typekit.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
edge.fullstory.com
GTS CA 1D4		 2023-01-31 -
2023-05-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.fullstory.com
R3		 2023-02-09 -
2023-05-10		 3 months crt.sh
*.statuspage.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-08 -
2023-08-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
fast.trychameleon.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2022-09-21 -
2023-08-24		 a year crt.sh

This page contains 2 frames:

Primary Page: https://next.lumahealth.io/
Frame ID: 4B661465599F893CE54D6CBE3E72FB6E
Requests: 37 HTTP requests in this frame

Frame: https://jhd878wp972s.statuspage.io/embed/frame
Frame ID: 5821FFE3B57E9FD3B33E822ECDDB9C9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Luma Health

Page URL History Show full URLs

  1. https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnUzUzQVVBQUlfZEFvN2RBZ0dHTm5uem9ySk1Gb1NYdnE0ZnlaST0i... HTTP 302
    https://next.lumahealth.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

39
Requests

100 %
HTTPS

46 %
IPv6

11
Domains

14
Subdomains

12
IPs

3
Countries

2601 kB
Transfer

9323 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnUzUzQVVBQUlfZEFvN2RBZ0dHTm5uem9ySk1Gb1NYdnE0ZnlaST0iLCJocmVmIjoiaHR0cHM6Ly9uZXh0Lmx1bWFoZWFsdGguaW8iLCJpbnRlcm5hbCI6ImI5ZGMwNTAxZGU3MjhmZGQwMiIsImxpbmtfaWQiOjE0Mn0/7d39057c35910ddbc48d57e7b6af9aad8e7aa12ca7d12ad073dc77d3a000cef7 HTTP 302
    https://next.lumahealth.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
next.lumahealth.io/
Redirect Chain
  • https://e.customeriomail.com/e/c/eyJlbWFpbF9pZCI6ImRnUzUzQVVBQUlfZEFvN2RBZ0dHTm5uem9ySk1Gb1NYdnE0ZnlaST0iLCJocmVmIjoiaHR0cHM6Ly9uZXh0Lmx1bWFoZWFsdGguaW8iLCJpbnRlcm5hbCI6ImI5ZGMwNTAxZGU3MjhmZGQwMiIs...
  • https://next.lumahealth.io/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b692de21af050e5ffd8cba67e137040d05edf7359125e2caf98de4bfc16fe778
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7998fabf4b1d9bb6-FRA
content-encoding
br
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
content-type
text/html
date
Tue, 14 Feb 2023 21:43:28 GMT
last-modified
Fri, 10 Feb 2023 01:55:54 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-id
PW4tBotbrtj_DB698F4Fo88WlEmO2gYHmR9PgESbeuk0dnEAm5eASQ==
x-amz-cf-pop
ZRH50-C1
x-amz-id-2
s4ecMSTvayoJm84fkJpsE6iMuvkVmIelgj81oBT8GK32boY+ZL1in7uANQfX2ekJZs/MkV5o4bY+Yp9lgxR/Vw==
x-amz-request-id
69SQD1PK5J2H3FRY
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
date
Tue, 14 Feb 2023 21:43:27 GMT
location
https://next.lumahealth.io
via
1.1 google
icon
fonts.googleapis.com/ 		569 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 21:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 21:43:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 21:43:28 GMT
css
fonts.googleapis.com/ 		2 KB
963 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52d19d23087cab4754d99e1b93eef0c81607dbe0e235928d00d0ec3e89fac2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 21:43:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 21:17:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 21:43:28 GMT
kio0iuw.css
use.typekit.net/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/kio0iuw.css
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c8a9d981926d1fa16e89dc89ac06713b77f8df052b1f36217f9f99cd55b84677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
977
main.f5ebd5e0.js
next.lumahealth.io/static/js/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
499294de9c932117b6dfcdc76f2cdfcf980da06dbece1f036ee70ce27b8bcf1a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
ZRH50-C1
x-amz-request-id
C5GZ83CWASBMCB0K
cf-polished
origSize=7790455
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce
x-amz-id-2
PRRFHmeFySe6TqBfZMCRne2UdmQxyxCD5kkjCugcRPPdNSGbzEWhRR1PVuDzoxigu5eEOV+GnIs=
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 10 Feb 2023 01:56:04 GMT
server
cloudflare
etag
W/"97b061e788a244eca5cf84dbc0edf87f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7998fac428749bb6-FRA
x-amz-cf-id
6qS7wjMHVO7q4-FzxfzXH4bwjff0g5dKoeKTqkC4JqRSWxNWH_vqJw==
expires
Tue, 14 Feb 2023 22:43:28 GMT
main.59af44eb.css
next.lumahealth.io/static/css/ 		76 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://next.lumahealth.io/static/css/main.59af44eb.css
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4330e76c415e70f956290fd544dfc8636f670b64576ce120d21006144b8bbad2
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
via
1.1 a9717fb92179a05f5da85fabc586e750.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
x-amz-cf-pop
ZRH55-P1
x-amz-request-id
7N92ZMA6MEM8FCMR
cf-polished
origSize=78317
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce
x-amz-id-2
X6S+g1vBaUoA2/Zgtj7fv2VZU2XZjcn6LlPCLoVaLo7iy/JDVUxN0Y55FLC9eKdxnjpOhsD5YVA=
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 10 Feb 2023 01:55:54 GMT
server
cloudflare
etag
W/"6dcada932e60c9355534d68625a586c1"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
7998fac3f8329bb6-FRA
x-amz-cf-id
D6VtKmeUNKl7yaQ-PsRQ9Be0f2__O-tDXieJxUihvGHC__b4w4WA3g==
expires
Tue, 14 Feb 2023 22:43:28 GMT
ddf6rro.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/ddf6rro.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f019799bf840630aa4d39e30f024d1903633ce577b596b608722094543f59dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6947
p.css
p.typekit.net/ 		5 B
195 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=kio0iuw&ht=tk&f=34661.34662.34665.34666.34669.34670.34693.34694.34701.34702&a=92813995&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kio0iuw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

unused62
8096267
date
Tue, 14 Feb 2023 21:43:28 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/442215/000000000000000000010b5a/27/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/442215/000000000000000000010b5a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"9523c64514161c03124fab238b18113d17bad9eb"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23800
l
use.typekit.net/af/1709eb/000000000000000000010b60/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/1709eb/000000000000000000010b60/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"9bd0488a91630a3c738a4d950e0b0b7930bcb98f"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24740
l
use.typekit.net/af/8dd886/000000000000000000010b5c/27/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/8dd886/000000000000000000010b5c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"02ac0f44fc2605ad66d853df88904127aa3b3e9b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23180
l
use.typekit.net/af/cef9f3/000000000000000000010b5e/27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/cef9f3/000000000000000000010b5e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"2cf082c83c603f9c00006fb11a3498c4cf214475"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24232
l
use.typekit.net/af/3e9574/000000000000000000010b62/27/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3e9574/000000000000000000010b62/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6dff64f6a2d7e6c769b84514bad8c576836cda5cb84d98afa128c899ade1a356

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"d99aa23abd504d9d5529b25a05d4ad8c92ddae33"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
23564
l
use.typekit.net/af/572508/00000000000000003b9b1a96/27/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/572508/00000000000000003b9b1a96/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d64e71ecde29d15c97afbe99bef3e7bdd0861fb8fe17ba75c480eedc4e9fb6c7

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"8cd640db673f32c34b3bd81089424b562dee96a8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40772
l
use.typekit.net/af/5855b2/00000000000000003b9b1a98/27/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5855b2/00000000000000003b9b1a98/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
238579e44cd606f06d8266d6233a0e6330ab5ad1a5a83cc571a40c797437175a

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"6d15c45d64f64175b9a3528cb8f1e719fe42ab00"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
40272
l
use.typekit.net/af/fbe431/00000000000000003b9ade4a/27/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/fbe431/00000000000000003b9ade4a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
657ee6fe12dadef0ee046f9f957be2208404a6383165f51a6b3a628bdaf0237a

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"b5f8114d17173b9b21ce1fedb62247c3b1c85519"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21480
l
use.typekit.net/af/d4fbe0/00000000000000003b9ade4b/27/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d4fbe0/00000000000000003b9ade4b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0dd84ea94ee0399d2052d5af74053ef2a6189be2ebafd3f0f0aa9dbdb475d94d

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:28 GMT
server
nginx
etag
"ca2c412abce2ed9cca63a6c0d83a874c743cc122"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19964
css
fonts.googleapis.com/ 		376 B
399 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Yellowtail:400%7Csans-serif
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be3e4fb940e7d5803282b28d03df1e037a5b2d49b147f5b08c504024cd7efbdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 14 Feb 2023 21:43:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 21:43:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 14 Feb 2023 21:43:29 GMT
gtm.js
www.googletagmanager.com/ 		119 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-592PF6F&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cd27db4e6b85c3b96d212e40e0f04839a8b9f7eb38139c8c4e5c22ebc1688f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46742
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 14 Feb 2023 21:43:29 GMT
fs.js
edge.fullstory.com/s/ 		282 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad339b9c312c44b3ad52e8fac0db277aa6d7cf7f0b2533f51a635ffa483c9391

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:37:35 GMT
content-encoding
br
age
354
x-guploader-uploadid
ADPycdsKwyPN9hpe-39W1vxFMGfWY0aj2cL_xM7rXaxM6olzbZtbvz5-PMG-o8tR0eg0BSLcFmhOaTAWm0Qe7pmynXYS-51h_viE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83169
last-modified
Tue, 14 Feb 2023 14:21:34 GMT
server
UploadServer
etag
W/"4c17080f3a17f0f7f99e528d29a173f1"
vary
Accept-Encoding
x-goog-generation
1676384494771175
x-goog-hash
crc32c=5Roe4g==, md5=TBcIDzoX8Pf5nlKNKaFz8Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
289137
accept-ranges
none
content-type
application/javascript
expires
Tue, 14 Feb 2023 22:37:35 GMT
3273.ff1fb7cc.chunk.js
next.lumahealth.io/static/js/ 		61 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://next.lumahealth.io/static/js/3273.ff1fb7cc.chunk.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b8e27a33a362d02b5b812260d2cbaf8f3d04894fbf620b9d8c3c2f6eb5c450
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
via
1.1 fec5e83bcae9ab1295b776b3f64183d0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
x-amz-cf-pop
ZRH55-P1
x-amz-request-id
9YV08HM4WDPTH78A
cf-polished
origSize=62735
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce
x-amz-id-2
PCxF0zzV4r/sSGqzAJt1GOp0KRH+lJE1dxNu2BiVpfSddnQeblH0LS8MG+BJ6/VPmpMyIgEvpHZZAb5rboTmKQ==
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 10 Feb 2023 01:55:59 GMT
server
cloudflare
etag
W/"1e3e6f38e3d8a45327fcde42404fe698"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7998fac96e5e9bb6-FRA
x-amz-cf-id
JSxE2IfH-v57PT0EinabfS1jdJWuwSUcYveHv-MLkmD0eZUOT_Efuw==
expires
Tue, 14 Feb 2023 22:43:30 GMT
p.gif
p.typekit.net/ 		35 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=ddf6rro&ht=tk&h=next.lumahealth.io&f=10954.13454.13458.13460.13462.24543.24547.28900.28901&a=7520418&js=1.21.0&app=typekit&e=js&_=1676411009613
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

unused62
8096267
date
Tue, 14 Feb 2023 21:43:29 GMT
last-modified
Sat, 09 Oct 2021 02:10:03 GMT
server
nginx
etag
"6160f9fb-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
OZpGg_pnoDtINPfRIlLohlvHwQ.woff2
fonts.gstatic.com/s/yellowtail/v18/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/yellowtail/v18/OZpGg_pnoDtINPfRIlLohlvHwQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Yellowtail:400%7Csans-serif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78f5413a0d04f3331122d49f10507a6c290afe4d441fc49a968c7779331aedb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 10:06:00 GMT
x-content-type-options
nosniff
age
387449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18308
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 10:06:00 GMT
page
rs.fullstory.com/rec/ 		79 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
07b440d1e52271f344473f586f9416a634dbfeb4d6a0c04c93272b6262254ace
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://next.lumahealth.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 21:43:29 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://next.lumahealth.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
script.js
jhd878wp972s.statuspage.io/embed/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jhd878wp972s.statuspage.io/embed/script.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-592PF6F&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.215.192.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-192-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0bf34b4c80c37884f62fb08f0d11759a2f7a766486886c42d82a9581c787eace
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security
max-age=259200
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Feb 2023 21:43:29 GMT
x-permitted-cross-domain-policies
none
age
161
x-statuspage-skip-logging
true
x-cache
HIT
x-statuspage-version
76d99f410a1ead4a58e976768b97731913c334a8
x-xss-protection
1; mode=block
x-request-id
3b744720-c2db-4f1e-a4cc-3f08cdc0d001
x-runtime
0.054981
referrer-policy
strict-origin-when-cross-origin
etag
W/"gz[0bf34b4c80c37884f62fb08f0d11759a]"
x-download-options
noopen
vary
Accept,Accept-Encoding,Fastly-SSL
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
accept-ranges
bytes
delighted.js
d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/gEWJtcJ7FWS56eGm/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2yyd1h5u9mauk.cloudfront.net/integrations/web/v1/library/gEWJtcJ7FWS56eGm/delighted.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-58-167.fra56.r.cloudfront.net
Software
/
Resource Hash
0211531cac6e1ecf054b5e483a028d4e2eedd3b35573d4f4e18659e07b632dca
Security Headers
Name Value
Content-Security-Policy default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 21:43:30 GMT
Content-Security-Policy
default-src 'self'; font-src 'self' data: https://fonts.gstatic.com https://js.intercomcdn.com http://fonts.intercomcdn.com http://*.auryc.com https://dcx14qs33eg2z.cloudfront.net; style-src 'self' 'unsafe-inline' https://accounts.google.com https://cdn.weglot.com https://fonts.googleapis.com https://tagmanager.google.com https://heapanalytics.com https://app-sj30.marketo.com https://cdn.zapier.com https://dcx14qs33eg2z.cloudfront.net; object-src 'none'; media-src 'self' https://beacon-v2.helpscout.net https://js.intercomcdn.com/ https://dcx14qs33eg2z.cloudfront.net; img-src 'self' data: http: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://accounts.google.com https://app.intercom.io https://app.pendo.io https://a.opmnstr.com https://api.omappapi.com https://analytics.twitter.com https://app-sj30.marketo.com https://bat.bing.com https://beacon-v2.helpscout.net https://cdn.heapanalytics.com https://cdn.pendo.io https://cdn.weglot.com https://connect.facebook.net https://ct.capterra.com https://data.pendo.io https://googleads.g.doubleclick.net https://heapanalytics.com https://js.intercomcdn.com https://js.pusher.com https://js.stripe.com https://munchkin.marketo.net https://pendo-io-static.storage.googleapis.com https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://rum-static.pingdom.net https://script.crazyegg.com https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://tagmanager.google.com https://tpc.googlesyndication.com https://widget.intercom.io https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://zapier.com https://cdn.zapier.com https://*.quora.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://public.profitwell.com https://static.profitwell.com https://polyfill.io https://d3dy5gmtp8yhk7.cloudfront.net/ https://d2yyd1h5u9mauk.cloudfront.net https://dcx14qs33eg2z.cloudfront.net; frame-src 'self' https://accounts.google.com https://app.pendo.io https://js.stripe.com https://beacon-v2.helpscout.net https://bid.g.doubleclick.net https://tpc.googlesyndication.com https://app-sj30.marketo.com https://qglobalops.co1.qualtrics.com; connect-src 'self' https://delighted.com https://*.delighted.com https://api.delighted.com https://accounts.google.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.zapier.com https://zapier.com https://app.pendo.io https://bat.bing.com https://beaconapi.helpscout.net https://chatapi.helpscout.net https://cdn.weglot.com https://cdn-api-weglot.com https://d3hb14vkzrxvla.cloudfront.net https://data.pendo.io https://heapanalytics.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pendo-static-5802606298267648.storage.googleapis.com https://platform.twitter.com https://risk.clearbit.com https://script.crazyegg.com https://stats.g.doubleclick.net https://tracking.crazyegg.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://www.google-analytics.com https://www.google.com https://www2.profitwell.com https://099-SJL-057.mktorest.com https://*.pusher.com https://js.sentry-cdn.com https://browser.sentry-cdn.com https://*.quora.com https://*.auryc.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://ws.pusher.com wss://ws.pusherapp.com https://dcx14qs33eg2z.cloudfront.net; report-uri https://fb4qdnkh2k.execute-api.us-east-1.amazonaws.com/default
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
b8c90b2b1696406eadeeb60b68677587
X-UA-Compatible
IE=Edge,chrome=1
X-Runtime
0.061312
Referrer-Policy
strict-origin-when-cross-origin
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=120, public
X-Amz-Cf-Id
0y_4yTfkuPJHiJFZioomsDogKoLm-KB5iMN4KRnptHSC2c5OQLCbDw==
messo.min.js
fast.trychameleon.com/messo/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.trychameleon.com/messo/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/messo.min.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20f720b17adcb5a50910ae2772ef7dc353f3fc20ad99b1b4e25c255c3fd78f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:29 GMT
content-encoding
br
via
1.1 chameleon.io (Hyoid)
strict-transport-security
max-age=31557600
last-modified
Tue, 10 Jan 2023 22:51:06 GMT
etag
"94277392667905f58f81f305c2531c8b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-cache
accept-ranges
bytes
content-length
1413
territory.js
fast.trychameleon.com/edit/user/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/ 		47 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.trychameleon.com/edit/user/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/territory.js
Requested by
Host: fast.trychameleon.com
URL: https://fast.trychameleon.com/messo/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/messo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30d72dbc0755f649d37f5a28d3fb494e540edf6f2867ec176793a8a62a7a855f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
via
1.1 chameleon.io (Hyoid)
x-permitted-cross-domain-policies
none
content-length
4928
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
etag
W/"ab6ae61ff0fd91d5ac834097d60971636b7c1e1a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://next.lumahealth.io
cache-control
max-age=31556952, public, no-cache
access-control-allow-credentials
true
accept-ranges
bytes
frame
jhd878wp972s.statuspage.io/embed/ Frame 5821 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://jhd878wp972s.statuspage.io/embed/frame
Requested by
Host: jhd878wp972s.statuspage.io
URL: https://jhd878wp972s.statuspage.io/embed/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.215.192.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-192-131.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
578d9218102ab5649e3776e3be7a122416728a4c324c7170691ddfd0c521c126
Security Headers
Name Value
Strict-Transport-Security max-age=259200
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://next.lumahealth.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
364
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 14 Feb 2023 21:43:30 GMT
etag
W/"gz[578d9218102ab5649e3776e3be7a1224]"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=259200
vary
Accept,Accept-Encoding,Fastly-SSL
x-cache
HIT
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
b70b7ad5-b69c-4b7b-8dd1-904698a94868
x-runtime
0.165331
x-statuspage-skip-logging
true
x-statuspage-version
76d99f410a1ead4a58e976768b97731913c334a8
x-xss-protection
1; mode=block
downtimeMessage
api.lumahealth.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.lumahealth.io/api/downtimeMessage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
pragma,x-access-token
Access-Control-Request-Method
GET
Origin
https://next.lumahealth.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma,x-access-token
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://next.lumahealth.io
access-control-expose-headers
Content-Range,X-Content-Range
cf-cache-status
DYNAMIC
cf-ray
7998face69bc924d-FRA
date
Tue, 14 Feb 2023 21:43:30 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
3369.db1c6dbd.chunk.js
next.lumahealth.io/static/js/ 		562 B
887 B 		Script
General
Check archive.org
Download Go to
Full URL
https://next.lumahealth.io/static/js/3369.db1c6dbd.chunk.js
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff9e92ab69de025c3a1f81a47b859eddbb8c70f98e68e41d5ce6612700d7ca38
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/login?returnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
via
1.1 abd012b9637ad93b7c9aa82d2cfb262c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
REVALIDATED
x-content-type-options
nosniff
x-amz-cf-pop
ZRH55-P1
x-amz-request-id
5C2MTDTXFQRRR08H
cf-polished
origSize=610
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce
x-amz-id-2
cnAO3lRL9guNKgzi3xeNh4B7B9dvfTLvORzLF7DiXHF/pBOtkgTlrHh2fLjUD04OEJCBjpt6pXM=
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
last-modified
Fri, 10 Feb 2023 01:55:59 GMT
server
cloudflare
etag
W/"379b0757aace23b953bd7aaef6fbd4cb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
7998facdfc609bb6-FRA
x-amz-cf-id
p7WN_X3onKUx0qV5njLwP7aVmWn4JE62Vm7a4CYGVbaoy7Js2RFpjA==
expires
Tue, 14 Feb 2023 22:43:30 GMT
downtimeMessage
api.lumahealth.io/api/ 		24 B
259 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.lumahealth.io/api/downtimeMessage
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/static/js/main.f5ebd5e0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:25e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fc0f51aa5685f394f328529ad6f0e16f9fc5b4520dfabdbf98dc693c8c13df2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Referer
https://next.lumahealth.io/
accept-language
de-DE,de;q=0.9
x-access-token
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"18-3WpwHSvbbaeb40Ueq0WQTPrQagc"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://next.lumahealth.io
access-control-expose-headers
Content-Range,X-Content-Range
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
cf-ray
7998facfae499bb6-FRA
content-length
24
l
use.typekit.net/af/e40556/00000000000000007735adbc/30/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e40556/00000000000000007735adbc/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kio0iuw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a60e4a6f8b89cbd1debcd7f90a0e60099a7caa9490a3c5305b18cb094c53dd4b

Request headers

Referer
https://use.typekit.net/kio0iuw.css
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
server
nginx
etag
"f3cafd088bc07c2d3ded8cc91e0729be713189cf"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
45396
l
use.typekit.net/af/e51fb7/00000000000000007735adc9/30/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/e51fb7/00000000000000007735adc9/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kio0iuw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b7a3c61a6af0c0f172a223eaf6d6b380c487766029588235a79dc0a5a9e0c69

Request headers

Referer
https://use.typekit.net/kio0iuw.css
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
server
nginx
etag
"d46770362ba9d21c8cc40c2d22faf1420d922bc7"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47532
l
use.typekit.net/af/165087/00000000000000007735adc0/30/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/165087/00000000000000007735adc0/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/kio0iuw.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e26c2dbbe5fe1117c6eca10fe39472aa5fcba88ff5db35a60935c8eac3c9c35b

Request headers

Referer
https://use.typekit.net/kio0iuw.css
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:30 GMT
server
nginx
etag
"2cbc4001467d9c7f751cea727aa49de9af6546aa"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47684
new_luma_logo_black.png
lumahealth-assets.s3.us-west-2.amazonaws.com/ 		103 KB
104 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lumahealth-assets.s3.us-west-2.amazonaws.com/new_luma_logo_black.png
Requested by
Host: next.lumahealth.io
URL: https://next.lumahealth.io/login?returnUrl=%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.178.89 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
78b374d84e6abc4e5838ed00d46f178f34dad77897d262603dc98204b5f86b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://next.lumahealth.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 21:43:32 GMT
x-amz-version-id
hMSZsLAtLV8GfcUCnLL85J00JJ0XkZkn
Last-Modified
Wed, 01 Jun 2022 21:05:06 GMT
Server
AmazonS3
x-amz-request-id
0Z0BJZWZQWF067B6
ETag
"0901252633c32d731d8c3f8494dd4eef"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
105689
x-amz-id-2
WwKbu2BXDyFXjd4ao4m5+zRJ6b9yumimcs8zU1IcIbsx3YCh4ohnWdDpMNN0ju0++yk8Aiw70XY=
chmln.js
fast.trychameleon.com/assets/chmln/bed96ee5d/ 		226 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.trychameleon.com/assets/chmln/bed96ee5d/chmln.js
Requested by
Host: fast.trychameleon.com
URL: https://fast.trychameleon.com/messo/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/messo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e138fabdb732b1f8006bc6130600616c7be5491ebbeeea2b2c85f6763edc328d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:31 GMT
content-encoding
br
via
1.1 chameleon.io (Hyoid)
strict-transport-security
max-age=31557600
last-modified
Tue, 14 Feb 2023 16:53:57 GMT
etag
"7f566feb72a026bfb587fbe5fe427270"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
60005
chmln.js
fast.trychameleon.com/assets/chmln/f226a2e56/ 		261 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.trychameleon.com/assets/chmln/f226a2e56/chmln.js
Requested by
Host: fast.trychameleon.com
URL: https://fast.trychameleon.com/messo/SmyhpiQUvy5rz2xywaHgkq0aVcK7vWNL8I1lk3O3swEXV7-1KydUG-CtPRDi3qBnbDPlj4/messo.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f40f0f7597dc41ffc17228218f6744a1b3b4ff6b821e8ab3836cf4ab9df278e
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

Referer
https://next.lumahealth.io/
Origin
https://next.lumahealth.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 21:43:31 GMT
content-encoding
br
via
1.1 chameleon.io (Hyoid)
strict-transport-security
max-age=31557600
last-modified
Tue, 14 Feb 2023 14:49:58 GMT
etag
"2d8c1f349c96553f4ce2c190b34a9d4e"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
83321
profiles
fast.trychameleon.com/observe/v2/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.trychameleon.com/observe/v2/profiles
Requested by
Host: fast.trychameleon.com
URL: https://fast.trychameleon.com/assets/chmln/f226a2e56/chmln.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
681b97a792b98e9cc771a706ca07fc0f7d523b47f2d627cf175c7d15c296e0e7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://next.lumahealth.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 14 Feb 2023 21:43:32 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
via
1.1 chameleon.io (Hyoid)
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
etag
W/"d87ce42d13926fcfaa4862eda0e08ef8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://next.lumahealth.io
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| Typekit object| webpackChunklumahealth_webapp object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb object| __MUI_STYLES__ function| _ object| ace object| Prism string| commitHash function| Buffer object| dataLayer string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| web-app-fullstory boolean| _fs_initialized string| _fs_loaded function| _fs_shutdown object| google_tag_manager function| postscribe object| google_tag_manager_external object| delighted boolean| isDemo function| chmln function| statusEmbedTest undefined| token undefined| message function| AdditionalQuestionsOptions function| AdditionalQuestionsScale object| _delighted undefined| Backbone

1 Cookies

Domain/Path Name / Value
.lumahealth.io/ Name: _delighted_web
Value: {%22Wn9M4SwWkDUQdiRE%22:{%22_delighted_fst%22:{%22t%22:%221676411010250%22}}}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; img-src * blob: data:; media-src *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://bbfd20262a49aa7437c56bda89a4f2f2.report-uri.com/r/d/xss/enforce

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lumahealth.io
d2yyd1h5u9mauk.cloudfront.net
e.customeriomail.com
edge.fullstory.com
fast.trychameleon.com
fonts.googleapis.com
fonts.gstatic.com
jhd878wp972s.statuspage.io
lumahealth-assets.s3.us-west-2.amazonaws.com
next.lumahealth.io
p.typekit.net
rs.fullstory.com
use.typekit.net
www.googletagmanager.com
151.101.66.137
2606:4700::6812:25e
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a00:1450:400d:80e::200a
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
35.186.194.58
35.201.112.186
35.227.225.220
52.215.192.131
52.218.178.89
65.9.58.167
0211531cac6e1ecf054b5e483a028d4e2eedd3b35573d4f4e18659e07b632dca
07b440d1e52271f344473f586f9416a634dbfeb4d6a0c04c93272b6262254ace
0bf34b4c80c37884f62fb08f0d11759a2f7a766486886c42d82a9581c787eace
0dd84ea94ee0399d2052d5af74053ef2a6189be2ebafd3f0f0aa9dbdb475d94d
0fc0f51aa5685f394f328529ad6f0e16f9fc5b4520dfabdbf98dc693c8c13df2
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f40f0f7597dc41ffc17228218f6744a1b3b4ff6b821e8ab3836cf4ab9df278e
20f720b17adcb5a50910ae2772ef7dc353f3fc20ad99b1b4e25c255c3fd78f7f
238579e44cd606f06d8266d6233a0e6330ab5ad1a5a83cc571a40c797437175a
30d72dbc0755f649d37f5a28d3fb494e540edf6f2867ec176793a8a62a7a855f
376d6590bd2677d571aa33953ea163add1298a320bd2d22cc6c28f4c9177a804
3f019799bf840630aa4d39e30f024d1903633ce577b596b608722094543f59dc
4330e76c415e70f956290fd544dfc8636f670b64576ce120d21006144b8bbad2
499294de9c932117b6dfcdc76f2cdfcf980da06dbece1f036ee70ce27b8bcf1a
52d19d23087cab4754d99e1b93eef0c81607dbe0e235928d00d0ec3e89fac2e0
578d9218102ab5649e3776e3be7a122416728a4c324c7170691ddfd0c521c126
657ee6fe12dadef0ee046f9f957be2208404a6383165f51a6b3a628bdaf0237a
681b97a792b98e9cc771a706ca07fc0f7d523b47f2d627cf175c7d15c296e0e7
6cd27db4e6b85c3b96d212e40e0f04839a8b9f7eb38139c8c4e5c22ebc1688f2
6dff64f6a2d7e6c769b84514bad8c576836cda5cb84d98afa128c899ade1a356
78b374d84e6abc4e5838ed00d46f178f34dad77897d262603dc98204b5f86b9f
78f5413a0d04f3331122d49f10507a6c290afe4d441fc49a968c7779331aedb4
8d5da73586712159bb569fbfbd370f05a258113b2591ba238ef4e7bde1db13b7
95b8e27a33a362d02b5b812260d2cbaf8f3d04894fbf620b9d8c3c2f6eb5c450
9b7a3c61a6af0c0f172a223eaf6d6b380c487766029588235a79dc0a5a9e0c69
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a60e4a6f8b89cbd1debcd7f90a0e60099a7caa9490a3c5305b18cb094c53dd4b
ad339b9c312c44b3ad52e8fac0db277aa6d7cf7f0b2533f51a635ffa483c9391
b692de21af050e5ffd8cba67e137040d05edf7359125e2caf98de4bfc16fe778
be3e4fb940e7d5803282b28d03df1e037a5b2d49b147f5b08c504024cd7efbdb
c114e8c9146e113cd37fc2b6c8e6b2b99202dbd20791c1e2b457aa82d06dff7d
c8a9d981926d1fa16e89dc89ac06713b77f8df052b1f36217f9f99cd55b84677
d64e71ecde29d15c97afbe99bef3e7bdd0861fb8fe17ba75c480eedc4e9fb6c7
e138fabdb732b1f8006bc6130600616c7be5491ebbeeea2b2c85f6763edc328d
e26c2dbbe5fe1117c6eca10fe39472aa5fcba88ff5db35a60935c8eac3c9c35b
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
f94786fe65dcbc65b0099b471ae2bb89bbabd7fa7d8573dd3c4e0f5bbe555447
ff9e92ab69de025c3a1f81a47b859eddbb8c70f98e68e41d5ce6612700d7ca38