urlscan.io logo urlscan.io
SecurityTrails logo

mymedstar.iqhealth.com Open in urlscan Pro
159.140.207.154  Public Scan

Go To Rescan Add Verdict Report
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Submission: On April 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 25 HTTP transactions. The main IP is 159.140.207.154, located in United States and belongs to CERNER-COM, US. The main domain is mymedstar.iqhealth.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 14th 2020. Valid for: 2 years.
This is the only time mymedstar.iqhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    159.140.207.154 (United States)

ASN17264 (CERNER-COM, US)
mymedstar.iqhealth.com
8    143.204.101.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-104.fra50.r.cloudfront.net
dpfzcqrxx682t.cloudfront.net
3    143.204.101.209 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-209.fra50.r.cloudfront.net
d292eo2ec5lzlq.cloudfront.net
4    2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
8 dpfzcqrxx682t.cloudfront.net mymedstar.iqhealth.com
dpfzcqrxx682t.cloudfront.net
4 www.google.com 1 redirects mymedstar.iqhealth.com
www.gstatic.com
3 www.google-analytics.com 1 redirects mymedstar.iqhealth.com
3 d292eo2ec5lzlq.cloudfront.net mymedstar.iqhealth.com
2 bam.nr-data.net js-agent.newrelic.com
2 fonts.gstatic.com mymedstar.iqhealth.com
1 js-agent.newrelic.com mymedstar.iqhealth.com
1 www.google.de mymedstar.iqhealth.com
1 stats.g.doubleclick.net 1 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com mymedstar.iqhealth.com
1 mymedstar.iqhealth.com
25 12

This site contains links to these domains. Also see Links.

Domain
www.medstarhealth.org
Subject Issuer Validity Valid
*.iqhealth.com
Entrust Certification Authority - L1K		 2020-01-14 -
2022-01-13		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-23 -
2021-03-18		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Frame ID: 81233CBEC3878A029FAD33C6B8C39D6E
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&co=aHR0cHM6Ly9teW1lZHN0YXIuaXFoZWFsdGguY29tOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=h79dnqo8hn7k
Frame ID: A9F5B503D9B05E89AD7C823C1B940D5A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&cb=mf2dl03wopuh
Frame ID: 315B1D09C090C7F561E9A4CA09FBA2E2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

792 kB
Transfer

2921 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=609739890&t=pageview&_s=1&dl=https%3A%2F%2Fmymedstar.iqhealth.com%2Fself-enroll%2F&dp=%2Fself-enroll%2F&ul=en-us&de=UTF-8&dt=myMedStar%20-%20Self-Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=1299118542&gjid=1635149240&cid=157779039.1588107413&tid=UA-43394204-1&_gid=366582935.1588107413&_r=1&z=1855311896 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_gid=366582935.1588107413&gjid=1635149240&_v=j81&z=1855311896 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896&slf_rd=1&random=2890524376

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
mymedstar.iqhealth.com/self-enroll/ 		22 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.140.207.154 , United States, ASN17264 (CERNER-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
644c00197f5e81faacbb33b5f428cba1aa1925420bbfd6197572f00429ecb5cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
mymedstar.iqhealth.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 28 Apr 2020 20:56:51 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
X-Cnection
close
Cerner-Correlation-ID
dc7e3f1920fb817ba24e1cfa1538f55e
Content-Language
en-us
Expires
-1
Vary
Cookie, Accept-Language
X-UA-Compatible
IE=edge
Cache-Control
no-cache, no-store, must-revalidate
X-Frame-Options
SAMEORIGIN
HTTP_SESSION_TOKEN
d2c6bc3f52304d45a48525b0a8b7083f
Set-Cookie
iqh-iframe=sx4jki8735lzt2p4q94wpa5nqq0u1txs; httponly; Path=/; SameSite=None; secure iqh_csrf=sArqyiVfVhUh51MQMuAxxwUCIYQ9prML; expires=Tue, 27-Apr-2021 20:56:51 GMT; Max-Age=31449600; Path=/; secure iqh=sx4jki8735lzt2p4q94wpa5nqq0u1txs; httponly; Path=/; secure iqh_csrf-iframe=sArqyiVfVhUh51MQMuAxxwUCIYQ9prML; expires=Tue, 27-Apr-2021 20:56:51 GMT; Path=/; SameSite=None; secure
modernizr.js
dpfzcqrxx682t.cloudfront.net/s/portal/lib/modernizr/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/lib/modernizr/modernizr.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
289c26e7f1916959f6f64ad710098044f582b0ae97eec41f025c38c96e40cf02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Mar 2020 05:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3599697
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Fri, 28 Feb 2020 16:15:28 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8ByHcttdwy8CEHhIdSUQobbBVju2Odw0dLWXOm3LMaQWQCTIZwhvcg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
polyfill.min.js
dpfzcqrxx682t.cloudfront.net/s/portal/js/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/js/polyfill.min.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 07 Feb 2020 16:14:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7015319
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Tue, 04 Feb 2020 20:09:54 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
PvavHPlpOeb67KkG-jUtGvQx3H1jaJH8LFioXjOKzHvI5v61RI-YmA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
dpfzcqrxx682t.cloudfront.net/s/portal/vendor/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/vendor/jquery.min.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 04 Apr 2020 06:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124540
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Fri, 28 Feb 2020 16:15:28 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CU15o9mnPKec5gGOtUlGk6au3rrqhS6n-sxyV_zxeHc2hR7w18631w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lib.8450961fbc64.css
dpfzcqrxx682t.cloudfront.net/s/portal/css/ 		102 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/css/lib.8450961fbc64.css
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
30a3a7cc8a86838e20f520f768918eaaaf3e70e96709ceb2c9661fd24e25b3e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 15:47:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18542
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Thu, 23 Apr 2020 18:26:06 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
text/css
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
2OsQxLCs7pIAlIpMCC_nxnihScnrIdfX-xJGY5mHhPNbzTziq6E_BA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
consumer_theme-8q7HW87y4-3fd69610dfc8.css
d292eo2ec5lzlq.cloudfront.net/ 		254 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d292eo2ec5lzlq.cloudfront.net/consumer_theme-8q7HW87y4-3fd69610dfc8.css
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.209 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-209.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
090a2ea7c3bee913705c2249a952d933dac761f2b677c83b7ee3f3c6b9707c47

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 18:13:27 GMT
Content-Encoding
gzip
Age
9806
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
38914
Last-Modified
Tue, 28 Jan 2020 17:44:31 GMT
Server
AmazonS3
ETag
"1a48b5dbc422cef8ef57363a0bb5b2bb"
x-amz-version-id
G6CQquhW6dgqdvfsg26aERDhfsBTd5KZ
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
text/css
X-Amz-Cf-Id
y6iRZ-GOAyRCiJE3apHJ9HXNBfePtj9yksdZ6C27VY2FtD5uk7SQGw==
cnav.5a7069193a2a.js
dpfzcqrxx682t.cloudfront.net/s/portal/js/style_guide/ 		344 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/js/style_guide/cnav.5a7069193a2a.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e0ad22a9cc7cd56b3c912a1bf1871377cb3f32e3a1278154a27589cbaf60ac13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 18 Mar 2020 05:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3599697
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Fri, 28 Feb 2020 16:15:28 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
txqdrD7AMZfKS4OLMH7tAJqyWaGujBt5bBMoNCZ2zEgNkQpVXpjxjA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
djangojs.54595b86107c.js
dpfzcqrxx682t.cloudfront.net/s/portal/jsi18n/en-us/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/jsi18n/en-us/djangojs.54595b86107c.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
38f1802f537be6fc3d09ddaa70f309550b8a6819a9a304b34823fa5d0ad7fb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 10 Apr 2020 10:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1593824
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Tue, 07 Apr 2020 14:32:53 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
RKNjDczNN9BMkyt17Iq8_ncsCMuztR_lalUHixRIOB3PsDSKvsON2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
r.252064ad6672.js
dpfzcqrxx682t.cloudfront.net/s/portal/js/ 		2 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/js/r.252064ad6672.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8ba3de33411d6f3e8f4ae8cec689a917025546e9c835ee8402d0a8465b45291a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 15:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452820
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Mon, 20 Apr 2020 17:10:10 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
shuX__yfzGs-FpeWGMoLktYR2n-9KAKytj_cLjxAdZ1NNUsGiBflpQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
api.js
www.google.com/recaptcha/ 		674 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en-us
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 20:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
1; mode=block
expires
Tue, 28 Apr 2020 20:56:52 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
32
date
Tue, 28 Apr 2020 20:56:20 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Tue, 28 Apr 2020 22:56:20 GMT
css
fonts.googleapis.com/ 		9 KB
921 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75c91bf921cc9ec6e713e8cbd32259ebce472ddfcd73d11cadfb3bb2d7bae54d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Apr 2020 20:56:52 GMT
server
ESF
date
Tue, 28 Apr 2020 20:56:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Apr 2020 20:56:52 GMT
H98S545_Patient_Portal_Background-350x130px_V2.png
d292eo2ec5lzlq.cloudfront.net/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d292eo2ec5lzlq.cloudfront.net/H98S545_Patient_Portal_Background-350x130px_V2.png
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.209 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-209.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a1fab00c755246e83115563bdcd13f5ab4f78106b8e9526ed41ec9787c1dfdc

Request headers

Referer
https://d292eo2ec5lzlq.cloudfront.net/consumer_theme-8q7HW87y4-3fd69610dfc8.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 18:13:28 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Age
9805
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
22267
Last-Modified
Thu, 04 Jan 2018 17:47:07 GMT
Server
AmazonS3
ETag
"2779051644bb302f824aaebd2d0543af"
x-amz-version-id
yT_B2B_8DOx351bKSIhfGrrWs87LXVMh
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
X-Amz-Cf-Id
0ozpflWAQIoFQgbaYhnk1BLOuyQbWxzrfBhnQvkkOoN7h6zHnMgIIg==
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700
Origin
https://mymedstar.iqhealth.com

Response headers

date
Wed, 01 Apr 2020 18:22:23 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
2342069
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11016
x-xss-protection
0
expires
Thu, 01 Apr 2021 18:22:23 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,700
Origin
https://mymedstar.iqhealth.com

Response headers

date
Fri, 17 Apr 2020 00:29:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
1024021
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
11020
x-xss-protection
0
expires
Sat, 17 Apr 2021 00:29:51 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/ 		299 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en-us
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 16:59:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 04:05:48 GMT
server
sffe
age
705472
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
124243
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:59:00 GMT
en-US-translations-11.8b74e0b7.js
dpfzcqrxx682t.cloudfront.net/s/portal/js/translations/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpfzcqrxx682t.cloudfront.net/s/portal/js/translations/en-US-translations-11.8b74e0b7.js
Requested by
Host: dpfzcqrxx682t.cloudfront.net
URL: https://dpfzcqrxx682t.cloudfront.net/s/portal/js/style_guide/cnav.5a7069193a2a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-104.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
230cb9e5244ba4008f8d9c0d7598ef16072b8da929f579494c337ee820be4eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 07:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48125
x-cache
Hit from cloudfront
status
200
x-cnection
close
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
access-control-allow-origin
*
last-modified
Mon, 20 Apr 2020 17:10:10 GMT
server
nginx
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
max-age=315360000, public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
T6nqyXPQNlwyPv1Y_0XZymcABulTFMbJVCMLJD50pWCkR4NyfR27dQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=609739890&t=pageview&_s=1&dl=https%3A%2F%2Fmymedstar.iqhealth.com%2Fself-enroll%2F&dp=%2Fself-enroll%2F&ul=en-us&de=UTF-8&dt=myMedStar%20-%20Self-Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1517487567&gjid=1884814620&cid=157779039.1588107413&tid=UA-41813742-1&_gid=366582935.1588107413&_r=1&z=450872236
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 20:56:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=609739890&t=pageview&_s=1&dl=https%3A%2F%2Fmymedstar.iqhealth.com%2Fself-enroll%2F&dp=%2Fself-enroll%2F&ul=en-us&de=UTF-8&dt=myMedStar%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_gid=366582935.1588107413&gjid=1635149240&_v=j81&z=1855311896
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896&slf_rd=1&random=2890524376
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896&slf_rd=1&random=2890524376
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 20:56:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Apr 2020 20:56:53 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-43394204-1&cid=157779039.1588107413&jid=1299118542&_v=j81&z=1855311896&slf_rd=1&random=2890524376
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame A9F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&co=aHR0cHM6Ly9teW1lZHN0YXIuaXFoZWFsdGguY29tOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=h79dnqo8hn7k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1P2g+e4KyKqRpUzJ+s4Pzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&co=aHR0cHM6Ly9teW1lZHN0YXIuaXFoZWFsdGguY29tOjQ0Mw..&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=normal&cb=h79dnqo8hn7k
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 28 Apr 2020 20:56:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-1P2g+e4KyKqRpUzJ+s4Pzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10184
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
MD3fg9N_Webp.net-resizeimage%20%281%29.png
d292eo2ec5lzlq.cloudfront.net/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d292eo2ec5lzlq.cloudfront.net/MD3fg9N_Webp.net-resizeimage%20%281%29.png
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.209 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-209.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7704b6d1f9a9d3dabc9dc06ba47b2a5dfce27cd7c2448512948f463f89b87b5

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 18:13:28 GMT
Via
1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Age
9806
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
16616
Last-Modified
Thu, 19 Oct 2017 15:33:23 GMT
Server
AmazonS3
ETag
"426d558c1e122a39ce3c4615b70472e2"
x-amz-version-id
I.cYpGqEHONxkSHiYk6McQ1W.Xt7nuqJ
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Type
image/png
X-Amz-Cf-Id
79tYX3X2s72uqWTeNSxssRB4Xq_yfc9PShjNYDnmSclG3SmCaXn7rA==
bframe
www.google.com/recaptcha/api2/ Frame 315B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&cb=mf2dl03wopuh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tqcCMBukqTqFWWdqCUJG9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6Lfq_wQTAAAAAFphvg5b86aAGpsgqtp0UjSTUevD&cb=mf2dl03wopuh
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 28 Apr 2020 20:56:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-tqcCMBukqTqFWWdqCUJG9Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1189
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
nr-1167.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: mymedstar.iqhealth.com
URL: https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 20:56:54 GMT
content-encoding
gzip
x-amz-request-id
9F168BA697B778D0
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by
cache-hhn4070-HHN
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1588107414.350779,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
10375
620d2fd3c0
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/620d2fd3c0?a=193586233&v=1167.2a4546b&to=ZlIEMRBWDEMFAhBZXF8YIBAMVBZZCw9LQ1ZdUTkADEUNXAhPEllWRkRcNgdbBHUKEwtcX2FSFBYNWTFVBRMHWGVYUhFLBVIW&rst=3494&ref=https://mymedstar.iqhealth.com/self-enroll/&ap=114&be=1162&fe=3421&dc=2098&perf=%7B%22timing%22:%7B%22of%22:1588107410895,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:139,%22c%22:139,%22s%22:170,%22ce%22:748,%22rq%22:748,%22rp%22:1031,%22rpe%22:1166,%22dl%22:1036,%22di%22:2098,%22ds%22:2098,%22de%22:2117,%22dc%22:3420,%22l%22:3420,%22le%22:3424%7D,%22navigation%22:%7B%7D%7D&fp=2026&fcp=2026&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
620d2fd3c0
bam.nr-data.net/events/1/ 		24 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/620d2fd3c0?a=193586233&v=1167.2a4546b&to=ZlIEMRBWDEMFAhBZXF8YIBAMVBZZCw9LQ1ZdUTkADEUNXAhPEllWRkRcNgdbBHUKEwtcX2FSFBYNWTFVBRMHWGVYUhFLBVIW&rst=13494&ref=https://mymedstar.iqhealth.com/self-enroll/
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://mymedstar.iqhealth.com/self-enroll/?opt_id=oeu1584123852241r0.2528862450049367
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://mymedstar.iqhealth.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| HealtheLife object| html5 object| Modernizr function| yepnope object| core object| __core-js_shared__ object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill string| g_media_url function| $ function| jQuery string| GoogleAnalyticsObject function| ga function| webpackJsonphlifeNav object| ConsumerNavigation object| django function| pluralidx function| gettext function| ngettext function| gettext_noop function| pgettext function| npgettext function| interpolate function| get_format object| jQuery1112009032353519086334 function| FastClick object| Terra object| webpackJsonpPortalSelect object| IntlPolyfill object| PortalSelect object| Select2 function| sessionTimeout boolean| isScrolling boolean| isTouchEnabled string| freeTextPrefix object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| hash string| locale object| terraI18nLocales object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| closure_lm_489845

8 Cookies

Domain/Path Name / Value
.iqhealth.com/ Name: _ga
Value: GA1.2.157779039.1588107413
mymedstar.iqhealth.com/ Name: iqh
Value: sx4jki8735lzt2p4q94wpa5nqq0u1txs
mymedstar.iqhealth.com/ Name: iqh_csrf
Value: sArqyiVfVhUh51MQMuAxxwUCIYQ9prML
.iqhealth.com/ Name: _gat_client
Value: 1
mymedstar.iqhealth.com/ Name: iqh_csrf-iframe
Value: sArqyiVfVhUh51MQMuAxxwUCIYQ9prML
.iqhealth.com/ Name: _gat
Value: 1
.iqhealth.com/ Name: _gid
Value: GA1.2.366582935.1588107413
mymedstar.iqhealth.com/ Name: iqh-iframe
Value: sx4jki8735lzt2p4q94wpa5nqq0u1txs

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
d292eo2ec5lzlq.cloudfront.net
dpfzcqrxx682t.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
mymedstar.iqhealth.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
143.204.101.104
143.204.101.209
151.101.114.110
159.140.207.154
162.247.242.20
2a00:1450:4001:815::200a
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:820::2003
2a00:1450:400c:c08::9c
090a2ea7c3bee913705c2249a952d933dac761f2b677c83b7ee3f3c6b9707c47
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
230cb9e5244ba4008f8d9c0d7598ef16072b8da929f579494c337ee820be4eb4
289c26e7f1916959f6f64ad710098044f582b0ae97eec41f025c38c96e40cf02
30a3a7cc8a86838e20f520f768918eaaaf3e70e96709ceb2c9661fd24e25b3e8
38f1802f537be6fc3d09ddaa70f309550b8a6819a9a304b34823fa5d0ad7fb99
3a1fab00c755246e83115563bdcd13f5ab4f78106b8e9526ed41ec9787c1dfdc
59173f786dd1f3802f7ab26fd339aac4099dc10c6cb54a6a92213e6af277592a
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
644c00197f5e81faacbb33b5f428cba1aa1925420bbfd6197572f00429ecb5cb
75c91bf921cc9ec6e713e8cbd32259ebce472ddfcd73d11cadfb3bb2d7bae54d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ba3de33411d6f3e8f4ae8cec689a917025546e9c835ee8402d0a8465b45291a
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
c8963b6bd2ca8497603794bf9adcbff7a3ea55c9c3edef3d5a992405ee256a90
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
e0ad22a9cc7cd56b3c912a1bf1871377cb3f32e3a1278154a27589cbaf60ac13
e7704b6d1f9a9d3dabc9dc06ba47b2a5dfce27cd7c2448512948f463f89b87b5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f