ihealthcovidtest.com Open in urlscan Pro
108.157.4.58  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request schedule Show response ihealthcovidtest.com/verifyTest/	1 KB 1 KB	690ms 609ms	Document text/html	108.157.4.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-58.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 5351f985680003cf7e55b565f09a64faef9fa586406fe90fa799dbbf48b8b52e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 26933 content-encoding gzip content-type text/html date Mon, 06 Jun 2022 19:22:02 GMT etag W/"15f7618137f149c3fc92e5cbf89bbf18" last-modified Fri, 06 May 2022 07:48:54 GMT server AmazonS3 vary Accept-Encoding via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) x-amz-cf-id r9ZMT2Ow_Unn4UEZhI14qoS0kVkpnrKckUpdxz_F7wFFayDLqutJcA== x-amz-cf-pop DUS51-P2 x-cache Error from cloudfront
GET H2	200	css2 fonts.googleapis.com/	2 KB 927 B	93ms 29ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 07 Jun 2022 00:55:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 07 Jun 2022 02:50:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 07 Jun 2022 02:50:54 GMT
GET H2	200	main.e159f086.js Show response ihealthcovidtest.com/static/js/	8 MB 2 MB	28ms 28ms	Script application/javascript	108.157.4.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ihealthcovidtest.com/static/js/main.e159f086.js Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-58.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 16ab61e4d358edf960088b37082a15d17d48dc8e62ce88af2e0db4dec65b0440 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/verifyTest/schedule User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Mon, 06 Jun 2022 04:48:04 GMT content-encoding br last-modified Fri, 06 May 2022 07:48:55 GMT server AmazonS3 age 79371 etag W/"0cf488ed358983c864a30d44331a048a-2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P2 x-amz-cf-id 1dYZ0NDBfxnuxM7Wk064R-SimGNAABZuwbQSRKmesw46AvEJ0HOIJQ==
GET H2	200	main.af5508e4.css ihealthcovidtest.com/static/css/	647 KB 87 KB	132ms 132ms	Stylesheet text/css	108.157.4.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ihealthcovidtest.com/static/css/main.af5508e4.css Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-58.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash b1285807e81143d50fa3eed846f0a410995fb6c707f0ab21a4f483286104bc6f Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/verifyTest/schedule User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Mon, 06 Jun 2022 04:22:31 GMT content-encoding br last-modified Fri, 06 May 2022 07:48:55 GMT server AmazonS3 age 80904 etag W/"f1d68313a1afafc5a0b11dffae110fc2" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P2 x-amz-cf-id MoXL5wf1GCSWMdeo33xcs-MlTFJnfreAoAAU709bGWDhfi9unICmhQ==
GET H2	200	gtm.js Show response www.googletagmanager.com/	103 KB 39 KB	94ms 36ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NQTP822 Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4475d970412d287fcfb091dbb8570e7b8902153a22f2c85f4d485b385236aa32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 02:50:54 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39713 x-xss-protection 0 last-modified Tue, 07 Jun 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 07 Jun 2022 02:50:54 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	191 KB 68 KB	44ms 44ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5WME9CXSNE&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQTP822 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7a09efcf0e254d9f76db384103d6911c2e962aeab6841e0f6ffc5d387e7f772a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 02:50:54 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69935 x-xss-protection 0 expires Tue, 07 Jun 2022 02:50:54 GMT
POST H2	204	collect www.google-analytics.com/g/	0 350 B	488ms 24ms	Ping text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-5WME9CXSNE&gtm=2oe660&_p=1793348752&_z=ccd.tdB&cid=249105499.1654570255&ul=en-us&sr=1600x1200&_s=1&sid=1654570254&sct=1&seg=0&dl=https%3A%2F%2Fihealthcovidtest.com%2FverifyTest%2Fschedule&dt=iHealth%20Labs&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5WME9CXSNE&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Tue, 07 Jun 2022 02:50:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ihealthcovidtest.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v3 Show response js.stripe.com/	312 KB 83 KB	259ms 59ms	Script application/javascript	65.9.110.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/static/js/main.e159f086.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.110.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-110-91.tlv50.r.cloudfront.net Software Cloudfront / Resource Hash ccb3d39720a9df27a4b214eb1b18df33070d49ffd57d6c9211a12c0c54832630 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 19 x-cache Hit from cloudfront date Tue, 07 Jun 2022 02:50:37 GMT via 1.1 90cdff7228f895ed6ae34a9448571062.cloudfront.net (CloudFront) last-modified Mon, 06 Jun 2022 20:47:21 GMT server Cloudfront etag W/"8a316502fcc1c7eabe3e4e98806f4a43" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 x-amz-cf-pop TLV50-C2 timing-allow-origin * x-amz-cf-id SZOVcKd3nGVWeKH1eo5BrnUa3wvc0yc4bZIa6icbXvYhO6BVivQV_A==
GET H2	200	ihealth_logo_white.png ihealthcovidtest.com/Logo/	4 KB 4 KB	13ms 12ms	Image image/png	108.157.4.58 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ihealthcovidtest.com/Logo/ihealth_logo_white.png Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-58.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash fbc9be6f6b8d268e28bfec7d9969aacedcd04c47f937470dd578147018cacebb Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/verifyTest/schedule User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 01:24:28 GMT via 1.1 656be55f933cf25841b96f9c9070a178.cloudfront.net (CloudFront) last-modified Fri, 06 May 2022 07:48:54 GMT server AmazonS3 age 5188 etag "b267e59584b24025f69ff787c339fc2b" x-cache Hit from cloudfront content-type image/png x-amz-cf-pop DUS51-P2 accept-ranges bytes content-length 3808 x-amz-cf-id rzn9prJLU_h1ESrUGHNiSRqVZYTRm0rxP7s-HmDX8jDzSh3DM7_edg==
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	102ms 66ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ihealthcovidtest.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 31 May 2022 17:08:09 GMT x-content-type-options nosniff age 553366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 May 2023 17:08:09 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	64ms 30ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ihealthcovidtest.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 31 May 2022 17:08:09 GMT x-content-type-options nosniff age 553366 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 May 2023 17:08:09 GMT
GET H3	200	S6u9w4BMUTPHh50XSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	22 KB 22 KB	66ms 14ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ihealthcovidtest.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 31 May 2022 17:12:19 GMT x-content-type-options nosniff age 553117 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22504 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:04:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 31 May 2023 17:12:19 GMT
GET H2	200	m-outer-588e554a3732f54c5145b955ae4f335e.html Show response js.stripe.com/v3/ Frame F5BF	240 B 981 B	58ms 57ms	Document text/html	65.9.110.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.110.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-110-91.tlv50.r.cloudfront.net Software Cloudfront / Resource Hash 079a0a04f46f7a576d7e85c8be838778a8b645f031800a1aeb48a8a50e4a30c2 Security Headers Name Value Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ihealthcovidtest.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2462 cache-control max-age=31536000 content-length 240 content-security-policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 07 Jun 2022 02:09:55 GMT etag "588e554a3732f54c5145b955ae4f335e" last-modified Wed, 01 Jun 2022 19:43:42 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 90cdff7228f895ed6ae34a9448571062.cloudfront.net (CloudFront) x-amz-cf-id efS6x0kcYj2uzCZQVhMUhSFyWp_Go2Tvegyhk7IcjMPU4GatYMKoBQ== x-amz-cf-pop TLV50-C2 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame F5BF	0 570 B	605ms 174ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 07 Jun 2022 02:50:56 GMT x-content-type-options nosniff x-envoy-upstream-service-time 1 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-a2bf84db055994524227b9819d1c5b06.js Show response js.stripe.com/v3/fingerprinted/js/ Frame F5BF	1 KB 1 KB	323ms 323ms	Script application/javascript	65.9.110.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-a2bf84db055994524227b9819d1c5b06.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.110.91 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-110-91.tlv50.r.cloudfront.net Software Cloudfront / Resource Hash 60f9cdffa54b3516f9dd33888dd028cd28dc363e562d305bc291660cd5da2ecc Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-588e554a3732f54c5145b955ae4f335e.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-amz-cf-pop TLV50-C2 x-cache Hit from cloudfront date Tue, 07 Jun 2022 02:50:56 GMT via 1.1 90cdff7228f895ed6ae34a9448571062.cloudfront.net (CloudFront) last-modified Wed, 01 Jun 2022 19:43:19 GMT server Cloudfront etag W/"f8f64b5dfcb745dea9887f0f79421f26" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id 92vnn8x6kiJj-Xyl8tkeaMh2PaXPsM0QboENfWjIo2ysOxHkcSt5SQ==
GET H2	200	inner.html Show response m.stripe.network/ Frame 15D9	930 B 2 KB	99ms 31ms	Document text/html	2600:9000:2156:6800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a2bf84db055994524227b9819d1c5b06.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 249 cache-control max-age=300, public content-length 930 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Tue, 07 Jun 2022 02:46:48 GMT etag "fc2e029628f163bb59adc6fa5a31161c" last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) x-amz-cf-id xIMCwxRKMyMhNaV6yDQDdLNlpU-TV2tLW0OJnroV5uNtpawXY1i2wg== x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront x-content-type-options nosniff
POST H2	200	csp-report q.stripe.com/ Frame 15D9	0 345 B	176ms 173ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: ihealthcovidtest.com URL: https://ihealthcovidtest.com/verifyTest/schedule Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Tue, 07 Jun 2022 02:50:56 GMT referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 1 x-robots-tag none content-length 0 x-content-type-options nosniff expires 0
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame 15D9	86 KB 14 KB	31ms 31ms	Script text/javascript	2600:9000:2156:6800:19:7d10:bd80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cloudfront / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff last-modified Thu, 17 Mar 2022 19:03:12 GMT server Cloudfront age 236 date Tue, 07 Jun 2022 02:47:06 GMT vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript; charset=utf-8 via 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront) cache-control max-age=300, public x-amz-cf-pop FRA50-C1 x-amz-cf-id 7MTlDLovKUExoqsbZFDpUa_SdupBa4FrQQYgVm2dzNXwBxnB_94aiA== etag W/"21df7244385e5c0bdf32da01d0dad6c0"
POST H2	200	6 Show response m.stripe.com/ Frame 15D9	156 B 523 B	552ms 184ms	XHR application/json	52.41.199.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.41.199.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-41-199-178.us-west-2.compute.amazonaws.com Software nginx / Resource Hash a5b92df59258e1cf84babd292dc605c02b0f1c3419017fe27de702eb584a6242 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 07 Jun 2022 02:50:57 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H3	204	collect www.google-analytics.com/g/	0 17 B	52ms 21ms	Ping text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-5WME9CXSNE&gtm=2oe660&_p=1793348752&_z=ccd.tdB&_ipe=0&cid=249105499.1654570255&ul=en-us&sr=1600x1200&_s=2&sid=1654570254&sct=1&seg=0&dl=https%3A%2F%2Fihealthcovidtest.com%2FverifyTest%2Fschedule&dt=iHealth%20Labs&en=scroll&_et=5&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5WME9CXSNE&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ihealthcovidtest.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Tue, 07 Jun 2022 02:50:59 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ihealthcovidtest.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __core-js_shared__ object| regeneratorRuntime function| _ object| cptable object| XLSX object| TypeScript string| toolsVersion object| __ARTC__ object| __webpackStripeJSv3Jsonp function| Stripe

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ihealthcovidtest.com/	1970-01-20 05:45:46	Name: _gcl_au Value: 1.1.1100198202.1654570255
			.ihealthcovidtest.com/	1970-01-20 21:07:22	Name: _ga_5WME9CXSNE Value: GS1.1.1654570254.1.0.1654570254.0
			.ihealthcovidtest.com/	1970-01-20 21:07:22	Name: _ga Value: GA1.1.249105499.1654570255
			m.stripe.com/	1970-01-20 21:07:22	Name: m Value: 16a60def-29bf-48de-aa8a-5e755d5bb1617311bb
			.ihealthcovidtest.com/	1970-01-20 12:21:46	Name: __stripe_mid Value: bfff153b-3f36-4486-82a7-e1e50cae87a8faf664
			.ihealthcovidtest.com/	1970-01-20 03:36:12	Name: __stripe_sid Value: 101ff78a-5e71-4bc4-9396-5cd85ae52dc5447d9e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ihealthcovidtest.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
www.google-analytics.com
www.googletagmanager.com
108.157.4.58
2600:9000:2156:6800:19:7d10:bd80:93a1
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:813::2008
2a00:1450:4001:82a::200a
52.41.199.178
54.187.119.242
65.9.110.91
079a0a04f46f7a576d7e85c8be838778a8b645f031800a1aeb48a8a50e4a30c2
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
16ab61e4d358edf960088b37082a15d17d48dc8e62ce88af2e0db4dec65b0440
4475d970412d287fcfb091dbb8570e7b8902153a22f2c85f4d485b385236aa32
52519e8c754d4fd14b9ea19ff3f3e758ad1978858827881984e7da06a285ef97
5351f985680003cf7e55b565f09a64faef9fa586406fe90fa799dbbf48b8b52e
60f9cdffa54b3516f9dd33888dd028cd28dc363e562d305bc291660cd5da2ecc
7a09efcf0e254d9f76db384103d6911c2e962aeab6841e0f6ffc5d387e7f772a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a5b92df59258e1cf84babd292dc605c02b0f1c3419017fe27de702eb584a6242
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b1285807e81143d50fa3eed846f0a410995fb6c707f0ab21a4f483286104bc6f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ccb3d39720a9df27a4b214eb1b18df33070d49ffd57d6c9211a12c0c54832630
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fbc9be6f6b8d268e28bfec7d9969aacedcd04c47f937470dd578147018cacebb