qa.vaccines.doh.rtsclients.com
2600:9000:2197:4600:19:44fe:cec0:93a1  Public Scan

URL: https://qa.vaccines.doh.rtsclients.com/
Submission: On September 09 via api from JP — Scanned from JP

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2600:9000:2197:4600:19:44fe:cec0:93a1, located in the United States, and belongs to AMAZON-02, US. The main domain is qa.vaccines.doh.rtsclients.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on September 9th 2023. Valid for: a year.
This is the only time qa.vaccines.doh.rtsclients.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
12 | rtsclients.com | qa.vaccines.doh.rtsclients.com | 636 KB
2 | google.com | analytics.google.com (Cisco Umbrella Rank: 181) | 318 B
1 | google.co.jp | www.google.co.jp (Cisco Umbrella Rank: 21372) | 408 B
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 96) | 264 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 83 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 58) | 1 KB
Total: 18 requests across 6 domains
Requests | Domain | Requested by
12 | qa.vaccines.doh.rtsclients.com | qa.vaccines.doh.rtsclients.com
2 | analytics.google.com | www.googletagmanager.com
1 | www.google.co.jp | qa.vaccines.doh.rtsclients.com
1 | stats.g.doubleclick.net | www.googletagmanager.com
1 | www.googletagmanager.com | qa.vaccines.doh.rtsclients.com
1 | fonts.googleapis.com | qa.vaccines.doh.rtsclients.com
Total: 18 requests across 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid for
qa.vaccines.doh.rtsclients.com | Amazon RSA 2048 M03 | 2023-09-09 - 2024-10-07 | a year
upload.video.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google.com | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months
*.google.co.jp | GTS CA 1C3 | 2023-08-14 - 2023-11-06 | 3 months

This page contains 1 frame:

Primary Page: https://qa.vaccines.doh.rtsclients.com/
Frame ID: 8DFA035F0BEF0079452B64D0CD2CC940
Requests: 18 HTTP requests in this frame

Page Title

NMDOH - Provider Portal - Login

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18 Requests
100% HTTPS
100% IPv6
6 Domains
6 Subdomains
6 IPs
3 Countries
721 kB Transfer
2454 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qa.vaccines.doh.rtsclients.com/
5 KB
6 KB
Document
General
Full URL
https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
9dede48917efeff6d7ba229afae9f3fbb48887976ff9290f31454c1285407425

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-origin
*
content-length
5091
content-type
text/html; charset=utf-8
date
Sat, 09 Sep 2023 22:26:13 GMT
etag
W/"13e3-CAJxWr037LsvkShr0nNXsA3a1lY"
via
1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amz-apigw-id
K__7GFPcPHcFrtg=
x-amz-cf-id
FkFhI5xaRrrlzuJdo8wfijyZkSlRviW75cHSsmA1vOlTifE7s49nJQ==
x-amz-cf-pop
HIO50-C1 NRT20-C1
x-amzn-remapped-connection
close
x-amzn-remapped-content-length
5091
x-amzn-remapped-date
Sat, 09 Sep 2023 17:36:20 GMT
x-amzn-requestid
901f0baa-0d1f-4bca-81b8-166c6ca31f74
x-amzn-trace-id
Root=1-64fcad13-5d422053593cade94260f98a;Sampled=0;lineage=52e1bb6e:0
x-cache
RefreshHit from cloudfront
x-powered-by
Express
styles.css
qa.vaccines.doh.rtsclients.com/css/
28 KB
29 KB
Stylesheet
General
Full URL
https://qa.vaccines.doh.rtsclients.com/css/styles.css
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a80bbb860961764701cbe091c4bf1d6b6a7b66f00eb78a81778abbc7a544ec17

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
28884
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
8f394812-c0e9-466c-ab6c-b6efe9008880
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY-HX8PHcFTaA=
content-length
28884
etag
W/"70d4-EFN4+uHnSUcrjjn63ypCjDmhuxE"
x-amzn-trace-id
Root=1-64fcf105-686c04a40d479d8f28adaf7e;Sampled=0;lineage=52e1bb6e:0
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
YpMOqVFsOQvr9O4dkn-wKGZPRmwBTEOKmOXwpwx_WncxrjaoW1AYrw==
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,400i,700,900
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5e0235cd15151cf9e410c3293b67ab3aff0561cff3df8eecdd7e95d530643b8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 09 Sep 2023 22:26:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 09 Sep 2023 22:26:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 09 Sep 2023 22:26:13 GMT
kendo.common.min.css
qa.vaccines.doh.rtsclients.com/lib/
331 KB
49 KB
Stylesheet
General
Full URL
https://qa.vaccines.doh.rtsclients.com/lib/kendo.common.min.css
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
ba1f50a4740e49a3eb4aca79f775c8ddec869abb0a0fb5a96b9da271fe506222

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
338625
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
3d1f6272-7959-4f74-b944-d31451d056ca
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY_FzZPHcFacA=
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"52ac1-7438674ba0"
x-amzn-trace-id
Root=1-64fcf106-6ef505f93a604cf73179acf2;Sampled=0;lineage=52e1bb6e:0
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
Lkyr-6Dp8zl7-YZbrZjIVhQa7a6QwCo3VVHzm8FanwLlWv3kDWvTig==
kendo.default.min.css
qa.vaccines.doh.rtsclients.com/lib/
78 KB
12 KB
Stylesheet
General
Full URL
https://qa.vaccines.doh.rtsclients.com/lib/kendo.default.min.css
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
fb2f079542eadf1048c6c11085d0f5476f963ed85ef8c32cb4ce6d7ae9f69647

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
79792
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
c33c5a20-125c-4287-8207-6cfcd2c611b7
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY-F9rPHcFeZw=
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"137b0-7438674ba0"
x-amzn-trace-id
Root=1-64fcf105-0ae8691d219dedf75d2a3dbc;Sampled=0;lineage=52e1bb6e:0
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:13 GMT
x-amz-cf-id
MXTeHdGgn-r_OGAqK07fZGAceZfoV0fUgLIjZmwH-hHQMQGo-xtzCQ==
jquery.min.js
qa.vaccines.doh.rtsclients.com/lib/
86 KB
30 KB
Script
General
Full URL
https://qa.vaccines.doh.rtsclients.com/lib/jquery.min.js
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
88144
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
4285be44-c9ad-457e-a4a9-8485482220d6
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY_G0_vHcFU0w=
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"15850-7438674ba0"
x-amzn-trace-id
Root=1-64fcf106-0793e5ec7bbef2e76e935171;Sampled=0;lineage=52e1bb6e:0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
XiNUsxMJRBNdfS4tUDvBUStX17MkFcuBXGZZhpyEdEkowCALGsl1Bg==
kendo.doh.min.js
qa.vaccines.doh.rtsclients.com/lib/
1 MB
369 KB
Script
General
Full URL
https://qa.vaccines.doh.rtsclients.com/lib/kendo.doh.min.js
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
9ca2669f1b568730e506078cad44ec4a2d5101965b18f758bc0be075cd2463a7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
1503943
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
a1334546-3edd-433f-9f93-f23dcc895675
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY-HmCvHcFyLQ=
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"16f2c7-7438674ba0"
x-amzn-trace-id
Root=1-64fcf105-7b2998eb6145156e7b280146;Sampled=0;lineage=52e1bb6e:0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
IVIW-cSo4S9Gjw8_fIFv6nyiES0gdQmQkS1FyyBH0su9ikStNuaYXQ==
utils.js
qa.vaccines.doh.rtsclients.com/js/
50 KB
51 KB
Script
General
Full URL
https://qa.vaccines.doh.rtsclients.com/js/utils.js
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
d1a1bb81cd5aa925437ccfab3f7273bb9452beb10ea7ff3d05215003f9f59bbc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
51491
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
11e75970-d44c-43e7-8ace-eb3b493caff9
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY_GNHPHcFTiA=
content-length
51491
etag
W/"c923-iMouMFgwKRDXDZHXm2Jt9/XsayA"
x-amzn-trace-id
Root=1-64fcf106-35086537702b54742e40053b;Sampled=0;lineage=52e1bb6e:0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
XHS2EScDnDYIk6uJSPqedx_tc9MqaWOLtMg8KXgB-E5OfDzKiVz_ug==
login.js
qa.vaccines.doh.rtsclients.com/js/
14 KB
14 KB
Script
General
Full URL
https://qa.vaccines.doh.rtsclients.com/js/login.js
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a15aacb4f47c4368f936d7c46fb1b3ad4fc166e6bd74faa469e17bfd22121e8b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:13 GMT
via
1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
13826
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
15633d01-1db2-4745-ac19-9581e14a7225
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqY-H2ovHcFovQ=
content-length
13826
etag
W/"3602-el+NVbGlWZnXEDDjj+qQnnENXl8"
x-amzn-trace-id
Root=1-64fcf105-3b7a35512f8e28fc177063ff;Sampled=0;lineage=52e1bb6e:0
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:13 GMT
x-amz-cf-id
CmWnVkq32wYHGrReSVoDMAUv0xJqTDM4JQ6PeI5i9xHGLmCy2jqgMw==
js
www.googletagmanager.com/gtag/
236 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ELP3W91XE8
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c621023f7c6a873023203c323ddb00d14020d65a9f8507cdab46d292063de2d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84538
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 09 Sep 2023 22:26:14 GMT
logo-co-full.jpg
qa.vaccines.doh.rtsclients.com/images/
16 KB
16 KB
Image
General
Full URL
https://qa.vaccines.doh.rtsclients.com/images/logo-co-full.jpg
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
089d86d7bba844b0e43c0bca0b2ed654830edd8e285cca139fc263486637c0c8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
16191
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
f7c9c97b-9dc0-44d9-a3d7-d9ed39a839a4
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqZDGU6vHcFqQg=
content-length
16191
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"3f3f-7438674ba0"
x-amzn-trace-id
Root=1-64fcf106-63956db42be7aa735f8aa7ca;Sampled=0;lineage=52e1bb6e:0
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
iCDsRcX2WgJMGOsXgGnxF9C1_eLQ3rG7RQQ4W89avKB1rQ4K38bPqw==
side-bar.html
qa.vaccines.doh.rtsclients.com/
378 B
982 B
XHR
General
Full URL
https://qa.vaccines.doh.rtsclients.com/side-bar.html
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/lib/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
0ec711a8f74bad189aabe36d1bc5d45260a7748de91b38ff87d89485ad37adeb

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://qa.vaccines.doh.rtsclients.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
378
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
3d9ccc10-275e-41cf-869d-1612d2e4c47b
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqZDEQtvHcFk2w=
content-length
378
etag
W/"17a-BkOTgiuXEHg58+vojAvwjdfc3HQ"
x-amzn-trace-id
Root=1-64fcf106-10f3e08f795d8cc23750c1d2;Sampled=0;lineage=52e1bb6e:0
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
Srj0EKrfyxdFJNL7E8nSZoEpJ4nl0Uy1X4myxuqkUGAMHD_phvI7WA==
header.html
qa.vaccines.doh.rtsclients.com/
4 KB
5 KB
XHR
General
Full URL
https://qa.vaccines.doh.rtsclients.com/header.html
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/lib/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
bb2d8fad89908ca2a364e4228b15291d1da762947bc3a9dd067ff34578daab58

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://qa.vaccines.doh.rtsclients.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
4397
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
41db9739-1ff1-406f-a5f5-4b3a556807ae
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqZDFK5vHcFZlw=
content-length
4397
etag
W/"112d-yUvSDLFpB7/ktdQdfG36j4SMoNI"
x-amzn-trace-id
Root=1-64fcf106-33f2c41d2007958910efa7dc;Sampled=0;lineage=52e1bb6e:0
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
sr_k1vpNpDbd4Q-an51YYDS2netIHslfovgLpt78LjycK9kOAnG_1Q==
WebComponentsIcons.ttf
qa.vaccines.doh.rtsclients.com/lib/fonts/glyphs/
128 KB
54 KB
Font
General
Full URL
https://qa.vaccines.doh.rtsclients.com/lib/fonts/glyphs/WebComponentsIcons.ttf?gedxeo
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/lib/kendo.common.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2197:4600:19:44fe:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
edbae3c01329916b6f8fa584f9713470167845ae7a43565fa80ffd4953042440

Request headers

Referer
https://qa.vaccines.doh.rtsclients.com/lib/kendo.common.min.css
Origin
https://qa.vaccines.doh.rtsclients.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 22:26:14 GMT
via
1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5fa8781927f0b3b53d2119c9d6e2e874.cloudfront.net (CloudFront)
content-encoding
br
x-amzn-remapped-content-length
131524
x-amz-cf-pop
HIO50-C1, NRT20-C1
x-amzn-requestid
2551817d-76d4-4852-871b-b40904bb1e69
x-amzn-remapped-connection
close
x-powered-by
Express
x-cache
Miss from cloudfront
x-amz-apigw-id
LAqZDHXXPHcF92Q=
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"201c4-7438674ba0"
x-amzn-trace-id
Root=1-64fcf106-23c9db4302c472e03da3925a;Sampled=0;lineage=52e1bb6e:0
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=0
x-amzn-remapped-date
Sat, 09 Sep 2023 22:26:14 GMT
x-amz-cf-id
u1jcEBwsFUomvPgM9s5k_QTuJHzti5mDMOELVxz6LzswcUijNgQIDw==
collect
analytics.google.com/g/
0
264 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ELP3W91XE8&gtm=45je3960&_p=1084863011&_gaz=1&cid=1294772443.1694298374&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694298374&sct=1&seg=0&dl=https%3A%2F%2Fqa.vaccines.doh.rtsclients.com%2F&dt=NMDOH%20-%20Provider%20Portal%20-%20Login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELP3W91XE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 22:26:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qa.vaccines.doh.rtsclients.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
264 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ELP3W91XE8&cid=1294772443.1694298374&gtm=45je3960&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELP3W91XE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 22:26:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qa.vaccines.doh.rtsclients.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ELP3W91XE8&cid=1294772443.1694298374&gtm=45je3960&aip=1&z=1697321681
Requested by
Host: qa.vaccines.doh.rtsclients.com
URL: https://qa.vaccines.doh.rtsclients.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 22:26:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ELP3W91XE8&gtm=45je3960&_p=1084863011&cid=1294772443.1694298374&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694298374&sct=1&seg=0&dl=https%3A%2F%2Fqa.vaccines.doh.rtsclients.com%2F&dt=NMDOH%20-%20Provider%20Portal%20-%20Login&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ELP3W91XE8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://qa.vaccines.doh.rtsclients.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Sep 2023 22:26:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://qa.vaccines.doh.rtsclients.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | documentPictureInPicture
function | $
function | jQuery
object | kendo
object | utils
function | initializeLocationsModal
object | authResponse
undefined | _mfaId
function | login
function | showMfa
function | promptChooseLocation
function | chooseLocation
function | showChangePassword
function | verifyMfa
function | changePassword
function | forgotPassword
function | submitForgotPassword
function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
function | onYouTubeIframeAPIReady
object | gaGlobal

2 Cookies

Domain/Path Name / Value
.rtsclients.com/ Name: _ga
Value: GA1.1.1294772443.1694298374
.rtsclients.com/ Name: _ga_ELP3W91XE8
Value: GS1.1.1694298374.1.0.1694298374.60.0.0

1 Console Messages

Source Level URL
Text
rendering warning URL: https://qa.vaccines.doh.rtsclients.com/(Line 7)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
