urlscan.io logo urlscan.io
SecurityTrails logo

coronavirushealthchats.com Open in urlscan Pro
104.196.57.25  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.employeehealthcheck.com/
Effective URL: https://coronavirushealthchats.com/employees/
Submission: On October 23 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 104.196.57.25, located in United States and belongs to GOOGLE, US. The main domain is coronavirushealthchats.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 22nd 2020. Valid for: 3 months.
This is the only time coronavirushealthchats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    107.180.21.53 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
www.employeehealthcheck.com
12    104.196.57.25 (United States)

ASN15169 (GOOGLE, US)
PTR: 25.57.196.104.bc.googleusercontent.com
coronavirushealthchats.com
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
12 coronavirushealthchats.com coronavirushealthchats.com
2 www.google-analytics.com coronavirushealthchats.com
www.google-analytics.com
1 www.gstatic.com www.google.com
1 www.youtube.com coronavirushealthchats.com
1 www.googletagmanager.com coronavirushealthchats.com
1 www.google.com coronavirushealthchats.com
1 www.employeehealthcheck.com 1 redirects
18 7
Subject Issuer Validity Valid
coronavirushealthchats.com
Let's Encrypt Authority X3		 2020-10-22 -
2021-01-20		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://coronavirushealthchats.com/employees/
Frame ID: BF5EC9D211C3DB09C4CB9282FD573109
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lsKTYAXn_Ek?feature=oembed
Frame ID: 174527F1149F935DEA289E17C6CEC5C8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.employeehealthcheck.com/ HTTP 301
    https://coronavirushealthchats.com/employees/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

7
Subdomains

9
IPs

2
Countries

1215 kB
Transfer

2919 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.employeehealthcheck.com/ HTTP 301
    https://coronavirushealthchats.com/employees/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
coronavirushealthchats.com/employees/
Redirect Chain
  • https://www.employeehealthcheck.com/
  • https://coronavirushealthchats.com/employees/
45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
767f0bc83f38d7919e3e424e61dbda4519a94691505fa6b8676c9e70662e9826

Request headers

:method
GET
:authority
coronavirushealthchats.com
:scheme
https
:path
/employees/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 23 Oct 2020 20:11:03 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
set-cookie
uncode_privacy[consent_types]=%5B%5D; expires=Sat, 23-Oct-2021 18:39:07 GMT; Max-Age=31536000; path=/
link
<https://coronavirushealthchats.com/wp-json/>; rel="https://api.w.org/" <https://coronavirushealthchats.com/?p=342>; rel=shortlink
x-powered-by
WP Engine
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 2
x-cache-group
normal
content-encoding
br

Redirect headers

status
301
date
Fri, 23 Oct 2020 20:11:02 GMT
server
Apache
location
https://coronavirushealthchats.com/employees/
content-length
253
content-type
text/html; charset=iso-8859-1
autoptimize_dbdee7b9b9edcb0675d536373d4fca97.css
coronavirushealthchats.com/wp-content/cache/autoptimize/css/ 		746 KB
105 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/wp-content/cache/autoptimize/css/autoptimize_dbdee7b9b9edcb0675d536373d4fca97.css
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
c263b8ba1c44ca00215398938d5111325b8551e666d8691eed17b5496479d9bf

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:03 GMT
content-encoding
br
last-modified
Fri, 09 Oct 2020 08:21:31 GMT
server
nginx
status
200
etag
W/"5f801d8b-ba845"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.js
coronavirushealthchats.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/wp-includes/js/jquery/jquery.js
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:03 GMT
content-encoding
br
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
nginx
status
200
etag
W/"5cde37d2-17a69"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
api.js
www.google.com/recaptcha/ 		907 B
668 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d63da814454145d25c29e1d657ea41ccb75fc9992456832279fefa0257d9c25b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
576
x-xss-protection
1; mode=block
expires
Fri, 23 Oct 2020 20:11:03 GMT
autoptimize_0dd8917d054e60c920c2392babd8d503.js
coronavirushealthchats.com/wp-content/cache/autoptimize/js/ 		906 KB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/wp-content/cache/autoptimize/js/autoptimize_0dd8917d054e60c920c2392babd8d503.js
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
fdaa8dacfb74b225afba818d49e5f7d34f428cf140b04078d17ed24c17a4920c

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
content-encoding
br
last-modified
Fri, 09 Oct 2020 08:21:31 GMT
server
nginx
status
200
etag
W/"5f801d8b-e298e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		85 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K2ZPC5X
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94e507a63499aa80ea8604a6639f187bf02da1d02a72d65e9695c355cad01085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:03 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32562
x-xss-protection
0
last-modified
Fri, 23 Oct 2020 18:06:31 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 23 Oct 2020 20:11:03 GMT
wp-emoji-release.min.js
coronavirushealthchats.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
content-encoding
br
last-modified
Tue, 05 Nov 2019 22:04:02 GMT
server
nginx
status
200
etag
W/"5dc1f1d2-364d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
3315
date
Fri, 23 Oct 2020 19:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Fri, 23 Oct 2020 21:15:48 GMT
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
BG-image.jpg
coronavirushealthchats.com/wp-content/uploads/2020/04/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/04/BG-image.jpg
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
b536d8ee96d1b0e79bbe958dbc03aba66ed5397d01a586a73e393f709c7c8620

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 19:33:25 GMT
server
nginx
status
200
etag
"5eb5b405-11724"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
71460
uncode-icons.woff2
coronavirushealthchats.com/wp-content/themes/uncode/library/fonts/ 		138 KB
138 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://coronavirushealthchats.com/wp-content/themes/uncode/library/fonts/uncode-icons.woff2
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/wp-content/cache/autoptimize/css/autoptimize_dbdee7b9b9edcb0675d536373d4fca97.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d

Request headers

Origin
https://coronavirushealthchats.com
Referer
https://coronavirushealthchats.com/wp-content/cache/autoptimize/css/autoptimize_dbdee7b9b9edcb0675d536373d4fca97.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 19:33:26 GMT
server
nginx
status
200
etag
"5eb5b406-226d0"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
141008
truncated
/ Frame 1745 		37 B
37 B 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
collect
www.google-analytics.com/j/ 		2 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1576719868&t=pageview&_s=1&dl=https%3A%2F%2Fcoronavirushealthchats.com%2Femployees%2F&ul=en-us&de=UTF-8&dt=Employee%20HealthCheck%E2%84%A2%20-%20A%20Safe%20Way%20To%20Return%20To%20Work&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=467270435&gjid=459990202&cid=2052100678.1603483864&tid=UA-46531488-2&_gid=1507089220.1603483864&_r=1&_slc=1&z=583093696
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 23 Oct 2020 20:11:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://coronavirushealthchats.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		549 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94d8923218e5448af099c5c9091a843f1e3fb636a9c8397da40caf5293b9fb4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
lsKTYAXn_Ek
www.youtube.com/embed/ Frame 1745 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/lsKTYAXn_Ek?feature=oembed
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/wp-content/cache/autoptimize/js/autoptimize_0dd8917d054e60c920c2392babd8d503.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/lsKTYAXn_Ek?feature=oembed
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronavirushealthchats.com/employees/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://coronavirushealthchats.com/employees/

Response headers

status
200
strict-transport-security
max-age=31536000
cache-control
no-cache
content-type
text/html; charset=utf-8
content-encoding
br
content-length
19816
expires
Tue, 27 Apr 1971 19:44:06 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date
Fri, 23 Oct 2020 20:11:04 GMT
server
YouTube Frontend Proxy
x-xss-protection
0
set-cookie
VISITOR_INFO1_LIVE=2A2dwjoZerk; path=/; domain=.youtube.com; secure; expires=Wed, 21-Apr-2021 20:11:04 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=2A2dwjoZerk; path=/; domain=.youtube.com; secure; expires=Wed, 21-Apr-2021 20:11:04 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Fri, 23-Oct-2020 20:41:04 GMT YSC=ssz4WXDThAI; path=/; domain=.youtube.com; secure; httponly; samesite=None
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
CON_EHCPBC-Logotyps-1-e1588971744368.png
coronavirushealthchats.com/wp-content/uploads/2020/05/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/05/CON_EHCPBC-Logotyps-1-e1588971744368.png
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
16efdc5e9e6738560265ffaf3755eb5563ddc46d555bc04b73c1546bfc28db01

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 21:02:25 GMT
server
nginx
status
200
etag
"5eb5c8e1-a776"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
42870
Conversa-Employee-HealthCheck-phone-image.png
coronavirushealthchats.com/wp-content/uploads/2020/05/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/05/Conversa-Employee-HealthCheck-phone-image.png
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
536f6adafc5ece87197308e1ec003b699a296e7415d44f8d38c2e507a08c5524

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 15 May 2020 21:51:18 GMT
server
nginx
status
200
etag
"5ebf0ed6-2b37d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
177021
CON_Coronavirus_CLEARED_EHC_PhonePerson-copy.jpg
coronavirushealthchats.com/wp-content/uploads/2020/05/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/05/CON_Coronavirus_CLEARED_EHC_PhonePerson-copy.jpg
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
393157c99a4803e79b823d47e6700a0bc872bde0e2192b46fc643a942d8aab0e

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 22:23:48 GMT
server
nginx
status
200
etag
"5eb5dbf4-247cf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
149455
UCSF.png
coronavirushealthchats.com/wp-content/uploads/2020/04/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/04/UCSF.png
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
ea35569443b3395d8b5d86897a2603a54451c77bd16760920e6f0b4763e9c3e3

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 19:33:25 GMT
server
nginx
status
200
etag
"5eb5b405-1c2c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
7212
logo.png
coronavirushealthchats.com/wp-content/uploads/2020/03/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronavirushealthchats.com/wp-content/uploads/2020/03/logo.png
Requested by
Host: coronavirushealthchats.com
URL: https://coronavirushealthchats.com/employees/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.57.25 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
25.57.196.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
d6b5676304aab46c75786cc93db7326e06952a38469e7d8340dd94ed852aea10

Request headers

Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 20:11:04 GMT
last-modified
Fri, 08 May 2020 19:33:25 GMT
server
nginx
status
200
etag
"5eb5b405-10122"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65826
recaptcha__en.js
www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/ 		341 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/T9w1ROdplctW2nVKvNJYXH8o/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=frmRecaptcha&render=explicit&ver=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coronavirushealthchats.com
Referer
https://coronavirushealthchats.com/employees/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 23 Oct 2020 19:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1559
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136962
x-xss-protection
0
last-modified
Mon, 12 Oct 2020 04:11:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 19:45:05 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes object| dataLayer object| _wpemojiSettings undefined| $ function| jQuery object| SiteParameters string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| twemoji object| wp object| wpcf7 object| Uncode_Privacy_Parameters object| mejsL10n object| _wpmejsSettings object| frm_js function| css_browser_selector function| onYouTubeIframeAPIReady function| vimeoPlayerReady function| whichTransitionEvent function| whichAnimationEvent object| uaInfo object| screenInfo object| dataUriInfo string| css_browser_selector_ns object| evento undefined| player object| OKEvents undefined| options undefined| videoWidth undefined| videoHeight undefined| YTplayers object| youtubePlayers function| uncode_progress_bar function| frmFrontFormJS object| frmFrontForm function| frmRecaptcha function| frmAfterRecaptcha function| frmUpdateField function| frmDeleteEntry function| frmOnSubmit function| frm_resend_email function| requestAnimFrame function| requestTimeout function| clearRequestTimeout object| classie function| wrap function| wrapAll object| UNCODE function| Vivus object| iNoBounce function| FontFaceObserver function| Cookies function| uncode_toolkit_privacy_has_consent object| lazySizes object| mejs function| MediaElement object| HtmlMediaElement function| onYouTubePlayerAPIReady function| DefaultPlayer function| MediaElementPlayer object| BigText object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Waypoint object| browserPrefixes function| ProgressCircle function| vc_pieChart function| Share object| BootstrapTabHistory function| IScroll function| uncode_textfill object| jQuery112407306186829965675 function| waypoint_animation string| waypointContextKey object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

7 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: ssz4WXDThAI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 2A2dwjoZerk
coronavirushealthchats.com/ Name: uncode_privacy[consent_types]
Value: %5B%5D
.coronavirushealthchats.com/ Name: _gat
Value: 1
.coronavirushealthchats.com/ Name: _gcl_au
Value: 1.1.938198321.1603483865
.coronavirushealthchats.com/ Name: _ga
Value: GA1.2.2052100678.1603483864
.coronavirushealthchats.com/ Name: _gid
Value: GA1.2.1507089220.1603483864

1 Console Messages

Source Level URL
Text
console-api log URL: https://coronavirushealthchats.com/wp-content/cache/autoptimize/js/autoptimize_0dd8917d054e60c920c2392babd8d503.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

coronavirushealthchats.com
www.employeehealthcheck.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.196.57.25
107.180.21.53
2a00:1450:4001:802::200e
2a00:1450:4001:809::200e
2a00:1450:4001:816::2003
2a00:1450:4001:819::2004
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
16efdc5e9e6738560265ffaf3755eb5563ddc46d555bc04b73c1546bfc28db01
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
393157c99a4803e79b823d47e6700a0bc872bde0e2192b46fc643a942d8aab0e
536f6adafc5ece87197308e1ec003b699a296e7415d44f8d38c2e507a08c5524
54f3aa37078dcd01911c9da1a5fd753b5834dde5acfd90c5bd55243bba87cf6d
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
767f0bc83f38d7919e3e424e61dbda4519a94691505fa6b8676c9e70662e9826
94e507a63499aa80ea8604a6639f187bf02da1d02a72d65e9695c355cad01085
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b536d8ee96d1b0e79bbe958dbc03aba66ed5397d01a586a73e393f709c7c8620
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c263b8ba1c44ca00215398938d5111325b8551e666d8691eed17b5496479d9bf
cb3bfa3f39f228b5e06fb6ee80aea986056d3253805a59581e6eff051050141d
d63da814454145d25c29e1d657ea41ccb75fc9992456832279fefa0257d9c25b
d6b5676304aab46c75786cc93db7326e06952a38469e7d8340dd94ed852aea10
ea35569443b3395d8b5d86897a2603a54451c77bd16760920e6f0b4763e9c3e3
f94d8923218e5448af099c5c9091a843f1e3fb636a9c8397da40caf5293b9fb4
fdaa8dacfb74b225afba818d49e5f7d34f428cf140b04078d17ed24c17a4920c