urlscan.io logo urlscan.io
SecurityTrails logo

www.testing.com Open in urlscan Pro
141.193.213.20  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.testing.com/
Submission Tags: @phish_report
Submission: On February 15 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 28 HTTP transactions. The main IP is 141.193.213.20, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.testing.com. The Cisco Umbrella rank of the primary domain is 401566.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2024. Valid for: a year.
This is the only time www.testing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 141.193.213.20 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 151.101.194.133 ()
28 4
Apex Domain
Subdomains		 Transfer
18 testing.com
www.testing.com — Cisco Umbrella Rank: 401566
1 MB
5 klaviyo.com
static.klaviyo.com
static-tracking.klaviyo.com
41 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
171 KB
28 4
Domain Requested by
18 www.testing.com www.testing.com
3 static.klaviyo.com www.testing.com
static.klaviyo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.googletagmanager.com www.testing.com
www.googletagmanager.com
28 5

This site contains links to these domains. Also see Links.

Domain
testing.com
www.facebook.com
twitter.com
www.instagram.com
Subject Issuer Validity Valid
www.testing.com
Cloudflare Inc ECC CA-3		 2024-01-26 -
2024-12-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
static.klaviyo.com
R3		 2024-01-13 -
2024-04-12		 3 months crt.sh
static-tracking.klaviyo.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.testing.com/
Frame ID: 228776545BFE5552651187E8ED70335E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Order Lab Tests and Blood Tests Online | Testing.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Page Statistics

28
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1333 kB
Transfer

1927 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.testing.com/ 		169 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
d146af18e81eac898b32d130da999a671f7c84c274fa2068b4d056dec7fa9fb7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
855a012eba9cd93b-HEL
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 15 Feb 2024 02:08:43 GMT
last-modified
Tue, 01 Mar 2022 00:00:00 GMT
link
<https://www.testing.com/wp-json/>; rel="https://api.w.org/" <https://www.testing.com/wp-json/wp/v2/pages/33>; rel="alternate"; type="application/json" <https://www.testing.com/>; rel=shortlink
published-date
Tue, 01 Mar 2022 00:00:00 GMT
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=63072000
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 19
x-cache-group
iphone
x-cacheable
SHORT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WP Engine
x-xss-protection
1; mode=block
WorkSans-Regular.woff2
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/WorkSans-Regular.woff2
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c01a35fd6cfe614901001c1aa9eb4817700a0646091a818214fa384a7fdd32fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
219577
alt-svc
h3=":443"; ma=86400
content-length
65900
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-1016c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a012ffb21d93b-HEL
WorkSans-Bold.woff2
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/WorkSans-Bold.woff2
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
905ba925744289781fff998820bd4f22ee44d6a040b07c4b714e02e4fe00f1cb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
219577
alt-svc
h3=":443"; ma=86400
content-length
70080
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-111c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01300b22d93b-HEL
WorkSans-Light.woff2
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/ 		67 KB
67 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/WorkSans-Light.woff2
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3468544a2ebe9bf13c024bd5f01568af9566501a57541e82829ee9d3e3a184f1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
219577
alt-svc
h3=":443"; ma=86400
content-length
68892
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-10d1c"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01300b24d93b-HEL
banner-img-679x839.png
www.testing.com/wp-content/uploads/2022/09/ 		428 KB
429 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/uploads/2022/09/banner-img-679x839.png
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64ef7a2d546fc70f13c7b96b7ab516213c59e5dde693b98fcd96c7f20e42ae7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
189866
cf-polished
origFmt=png, origSize=2283328
content-disposition
inline; filename="banner-img-679x839.webp"
alt-svc
h3=":443"; ma=86400
content-length
438120
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 18 Apr 2023 21:16:34 GMT
server
cloudflare
etag
"643f08b2-22d740"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01303b3fd93b-HEL
classic-themes.min.css
www.testing.com/wp-includes/css/ 		291 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-includes/css/classic-themes.min.css?ver=1001584618
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 13 Feb 2023 20:50:19 GMT
server
cloudflare
etag
W/"63eaa28b-123"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a012ffb20d93b-HEL
wp-emoji-release.min.js
www.testing.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-includes/js/wp-emoji-release.min.js?ver=1325309193
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:44 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Feb 2023 00:53:25 GMT
server
cloudflare
etag
W/"63db0985-4904"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01311e2dd98d-HEL
logo.svg
www.testing.com/wp-content/uploads/2022/09/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/uploads/2022/09/logo.svg
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
730250891652d951bf02fa2a75d845efd72d743a8956ac946f6d3986dc80bd58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
223981
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Apr 2023 21:16:33 GMT
server
cloudflare
etag
W/"643f08b1-c0a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01312e30d98d-HEL
loading-icon-primary.svg
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/ 		782 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/loading-icon-primary.svg
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
890b80af248981f578232c7095e177958d9fe9f639457c9bc2e0829295bb132c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
223985
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
W/"651b4600-30e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01303b40d93b-HEL
non-critical.js
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/js/non-critical.js
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
503868c435eb62ef125b739ea4ed844416f25ae38a421046ef9f25bf798e57e3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
223979
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
W/"651b4600-3d7d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01312e35d98d-HEL
home.min.css
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/css/home.min.css?ver=59677801
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e66dbae1168eef88c9cfcb77676d1825d26effc8f55cb979fe045b2683bb6f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:37:14 GMT
server
cloudflare
etag
W/"651b461a-5af5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01312e33d98d-HEL
gtm.js
www.googletagmanager.com/ 		223 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P5VH9HX
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c50933295d4d87658d89565f3a80cb7080121e4a29070536c2286b9467429d22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80013
x-xss-protection
0
last-modified
Thu, 15 Feb 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 15 Feb 2024 02:08:43 GMT
drop-white-icon.svg
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/ 		535 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/drop-white-icon.svg
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b62093fc5678f109e17bb08d690301ee447dcea5e1bdd696db00259e4d091d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
223974
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
W/"651b4600-217"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01313e38d98d-HEL
orange-drop-sm.svg
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/ 		451 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/orange-drop-sm.svg
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23885f0212d34852efcffade19c5cb9c2f83e0667a843504ee61cef44813fe03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
223971
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
W/"651b4600-1c3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01313e3cd98d-HEL
drop-sm.svg
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/ 		505 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/drop-sm.svg
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b349cd6e8b7e8a1eb0bd21a1aa81c7ff364864555cc767be2e9134c01e1fdaf7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
97852
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
W/"651b4600-1f9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
855a01313e3dd98d-HEL
WorkSans-SemiBold.woff2
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/WorkSans-SemiBold.woff2
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
82a5fdf0773c066b2f88503cb08c88759a8850860bb50d250da22ad90dc3ce35
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
219577
alt-svc
h3=":443"; ma=86400
content-length
69480
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-10f68"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01313e3ed98d-HEL
WorkSans-Medium.woff2
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/ 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/fonts/WorkSans-Medium.woff2
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
efc176b2c89d106655e8bbc1a3589bd6aaf33fd331cf5f14a4c71043046a41ac
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
219577
alt-svc
h3=":443"; ma=86400
content-length
69612
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-10fec"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01313e3fd98d-HEL
couple-right-557x567.png
www.testing.com/wp-content/uploads/2022/09/ 		282 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/uploads/2022/09/couple-right-557x567.png
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9487a06c32a05ed5c3110ef632078835c444b9cac96b28df69437348e2b3653
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
189860
cf-polished
origFmt=png, origSize=1265965
content-disposition
inline; filename="couple-right-557x567.webp"
alt-svc
h3=":443"; ma=86400
content-length
289132
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Tue, 18 Apr 2023 21:16:34 GMT
server
cloudflare
etag
"643f08b2-13512d"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01319e5dd98d-HEL
bg-drop.png
www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/images/bg-drop.png
Requested by
Host: www.testing.com
URL: https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/css/home.min.css?ver=59677801
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8ccd4bed270f85bc3ceebbe4df90708471d498798f77d24e21315de0355c47
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/wp-content/themes/ocm-base-timber-revamp/assets/css/home.min.css?ver=59677801
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:43 GMT
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000
cf-cache-status
HIT
age
218250
cf-polished
origFmt=png, origSize=8706
content-disposition
inline; filename="bg-drop.webp"
alt-svc
h3=":443"; ma=86400
content-length
2610
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
cf-bgj
imgq:100,h2pri
last-modified
Mon, 02 Oct 2023 22:36:48 GMT
server
cloudflare
etag
"651b4600-2202"
vary
Accept
x-frame-options
SAMEORIGIN
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
855a01326ec3d98d-HEL
js
www.googletagmanager.com/gtag/ 		275 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-224MMLMJG2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5VH9HX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84a437fc60ff39faba8301a41fc2c9fcd21cb1393f8ab72d53961763e5162d62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Thu, 15 Feb 2024 02:08:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94126
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 15 Feb 2024 02:08:44 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P5VH9HX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 15 Feb 2024 01:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1235
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 15 Feb 2024 03:48:09 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-224MMLMJG2&gtm=45je42c0v890734005z876593613za200&_p=1707962923695&gcd=13l3l3l3l1&npa=0&dma=0&cid=274205551.1707962924&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707962924&sct=1&seg=0&dl=https%3A%2F%2Fwww.testing.com%2F&dt=Order%20Lab%20Tests%20and%20Blood%20Tests%20Online%20%7C%20Testing.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1036
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-224MMLMJG2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 02:08:44 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.testing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1242304654&t=pageview&_s=1&dl=https%3A%2F%2Fwww.testing.com%2F&ul=en-us&de=UTF-8&dt=Order%20Lab%20Tests%20and%20Blood%20Tests%20Online%20%7C%20Testing.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1673958248&gjid=1578358511&cid=274205551.1707962924&tid=UA-5562595-1&_gid=357144056.1707962924&_r=1&_slc=1&gtm=45He42c0n81P5VH9HXv76593613za200&gcd=13l3l3l3l1&dma=0&z=1920850784
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.testing.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 15 Feb 2024 02:08:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.testing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
klaviyo.js
static.klaviyo.com/onsite/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VX7QA7
Requested by
Host: www.testing.com
URL: https://www.testing.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ae0ac7bab9fb730851d4f26392d97a91009199dbc40525b4a6144250358652d7
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.testing.com/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

content-security-policy
base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Feb 2024 02:08:48 GMT
age
5354
x-cache
HIT, HIT
content-length
922
x-served-by
cache-lga13622-LGA, cache-hel1410025-HEL
server
nginx
x-timer
S1707962929.821375,VS0,VE1
etag
W/"d984e8e598250cfb8f8629d4af4f974d"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
69, 1
fender_analytics.5021e5dc23a75179ed54.js
static-tracking.klaviyo.com/onsite/js/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.5021e5dc23a75179ed54.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VX7QA7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00ba7ec54b2450e898722c3a70a04ec4393720aec7628703e070f2980a63ed1e

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id
fcE4Cr8zmtuYZnHZ28vsDVoEO5oPwRek
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Feb 2024 02:08:48 GMT
x-amz-request-id
VHSA4QQ1P1QD1F6P
age
5355
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12130
x-amz-id-2
eqz9hrswkvS0cW50b2t2e/rS/fbw4x01QTSY2myoALjOIFEm1dqG1I84GiAzfzDDMmikMnKTa40=
x-served-by
cache-lga21970-LGA, cache-hel1410033-HEL
last-modified
Wed, 31 Jan 2024 19:11:23 GMT
server
AmazonS3
etag
"780a7c87c679165cf9dabbb24eac4d52"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
18ca0f804bf02e17b21cd098bf4809dc3f1c2fc4
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
104, 2095
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VX7QA7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id
a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Feb 2024 02:08:48 GMT
x-amz-request-id
AS5HKYSNDWHFWQPJ
age
5355
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
985
x-amz-id-2
lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by
cache-lga21976-LGA, cache-hel1410033-HEL
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
88, 2090
runtime.d7732f27518d7060c599.js
static.klaviyo.com/onsite/js/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.d7732f27518d7060c599.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VX7QA7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07b7a7a5b351ce56c6bddd813a6e170eb9347eb96a50acee61fbe79de6e45f59

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id
yblfdLnxvA4Y6v1u9N.iP9sO.QudfMDb
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Feb 2024 02:08:48 GMT
x-amz-request-id
B99ESY11T866TP71
age
5355
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8243
x-amz-id-2
Ip+iuDHf6q4d3sSuCP0lyviqoYriR4AsHakxLD6yIh36i+8E9G7PPg0108aME+aArheUvrIByGw=
x-served-by
cache-lga21950-LGA, cache-hel1410027-HEL
last-modified
Wed, 14 Feb 2024 15:18:28 GMT
server
AmazonS3
etag
"877a41a937747b961a1b958e99d8359a"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
46578ea826aea634bc3b95f4fa51c3a6aafd694a
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
103, 2167
sharedUtils.6f44d24aaee7b983c49d.js
static.klaviyo.com/onsite/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.6f44d24aaee7b983c49d.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=VX7QA7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ab508c9cdd594bf76615f192ca06ec371f2d057917a4b2226c53b146d044515

Request headers

Referer
https://www.testing.com/
Origin
https://www.testing.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-amz-version-id
TeJfEmetVxQEOshF9sCOu0rvAWcor4LP
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Thu, 15 Feb 2024 02:08:48 GMT
x-amz-request-id
PSVXKZCVRHN5NW60
age
5356
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
16931
x-amz-id-2
/mDbKj8gazqiTSCUj3aoPjljYIeluUexSNQSfFP+WuEWYv2YYHMY3Uqtxj88rKhmLeRkKULruU3hXXzB5Bu9qAzwmwZnuVSB
x-served-by
cache-lga21931-LGA, cache-hel1410027-HEL
last-modified
Tue, 06 Feb 2024 17:52:08 GMT
server
AmazonS3
etag
"c9f11014df3ec20694577b9733fb26e5"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
4fce91007c31be03dcf52b82abca6e8088b0cc97
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
89, 2135

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| page string| loader_img string| theme_url string| current_url string| show_form string| ua_id undefined| urlParams function| include function| sendToGA4 object| _wpemojiSettings object| css_list object| js_list object| jquery_scroll object| js_scroll_list object| template_path object| dependancyChecker function| setJsDownloadEvent function| downloadJSAtOnload function| delayCall function| loadConditionalJSList function| loadConditionalJSDep function| applyCSS object| dataLayer function| load_klaviyo_site_js function| klaviyo_site_js function| _extends function| yall object| labLocatorId undefined| jquery_file function| labLocatorScrollFunc number| pos object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| twemoji object| wp object| gaplugins object| gaData

5 Cookies

Domain/Path Name / Value
.www.testing.com/ Name: __cf_bm
Value: RRHnyOnC.9_4NG9z2bf6ERR7tA2SlFwzd_Rz9EOaiTk-1707962923-1.0-ATv5FhsSt6TMU6Dl743gHYu4ABYILoERK5nDQ992JyEo7blzaHzwMnmDleNO69xtVBr1emOH3ZKGPcKmNvySOWc=
.testing.com/ Name: _ga_224MMLMJG2
Value: GS1.1.1707962924.1.0.1707962924.0.0.0
.testing.com/ Name: _ga
Value: GA1.2.274205551.1707962924
.testing.com/ Name: _gid
Value: GA1.2.357144056.1707962924
.testing.com/ Name: _gat_UA-5562595-1
Value: 1

1 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

static-tracking.klaviyo.com
static.klaviyo.com
www.google-analytics.com
www.googletagmanager.com
www.testing.com
141.193.213.20
151.101.194.133
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
00ba7ec54b2450e898722c3a70a04ec4393720aec7628703e070f2980a63ed1e
07b7a7a5b351ce56c6bddd813a6e170eb9347eb96a50acee61fbe79de6e45f59
0b62093fc5678f109e17bb08d690301ee447dcea5e1bdd696db00259e4d091d5
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
23885f0212d34852efcffade19c5cb9c2f83e0667a843504ee61cef44813fe03
3468544a2ebe9bf13c024bd5f01568af9566501a57541e82829ee9d3e3a184f1
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
503868c435eb62ef125b739ea4ed844416f25ae38a421046ef9f25bf798e57e3
5e8ccd4bed270f85bc3ceebbe4df90708471d498798f77d24e21315de0355c47
64ef7a2d546fc70f13c7b96b7ab516213c59e5dde693b98fcd96c7f20e42ae7b
6e66dbae1168eef88c9cfcb77676d1825d26effc8f55cb979fe045b2683bb6f8
730250891652d951bf02fa2a75d845efd72d743a8956ac946f6d3986dc80bd58
82a5fdf0773c066b2f88503cb08c88759a8850860bb50d250da22ad90dc3ce35
84a437fc60ff39faba8301a41fc2c9fcd21cb1393f8ab72d53961763e5162d62
890b80af248981f578232c7095e177958d9fe9f639457c9bc2e0829295bb132c
8ab508c9cdd594bf76615f192ca06ec371f2d057917a4b2226c53b146d044515
905ba925744289781fff998820bd4f22ee44d6a040b07c4b714e02e4fe00f1cb
ae0ac7bab9fb730851d4f26392d97a91009199dbc40525b4a6144250358652d7
b349cd6e8b7e8a1eb0bd21a1aa81c7ff364864555cc767be2e9134c01e1fdaf7
c01a35fd6cfe614901001c1aa9eb4817700a0646091a818214fa384a7fdd32fa
c50933295d4d87658d89565f3a80cb7080121e4a29070536c2286b9467429d22
d146af18e81eac898b32d130da999a671f7c84c274fa2068b4d056dec7fa9fb7
d9487a06c32a05ed5c3110ef632078835c444b9cac96b28df69437348e2b3653
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efc176b2c89d106655e8bbc1a3589bd6aaf33fd331cf5f14a4c71043046a41ac