urlscan.io logo urlscan.io
SecurityTrails logo

www.nhstestkit.securegb-ns.com Open in urlscan Pro
146.0.76.95  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.nhstestkit.securegb-ns.com/
Effective URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Submission: On May 05 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 146.0.76.95, located in Netherlands and belongs to HOSTKEY-AS, NL. The main domain is www.nhstestkit.securegb-ns.com.
TLS certificate: Issued by R3 on May 5th 2022. Valid for: 3 months.
This is the only time www.nhstestkit.securegb-ns.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NHS UK (Healthcare)

Domain & IP information

IP Address AS Autonomous System
1 12 146.0.76.95 57043 (HOSTKEY-AS)
2 96.16.146.114 16625 (AKAMAI-AS)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 108.138.7.31 16509 (AMAZON-02)
1 18.66.139.68 16509 (AMAZON-02)
1 18.66.139.28 16509 (AMAZON-02)
1 2 13.36.218.177 16509 (AMAZON-02)
21 8
12    146.0.76.95 (Netherlands)

ASN57043 (HOSTKEY-AS, NL)
PTR: hawkeye30.myhostcpl.com
www.nhstestkit.securegb-ns.com
2    96.16.146.114 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-146-114.deploy.static.akamaitechnologies.com
assets.nhs.uk
3    2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    108.138.7.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-31.fra56.r.cloudfront.net
static.hotjar.com
1    18.66.139.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-68.fra60.r.cloudfront.net
script.hotjar.com
1    18.66.139.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-28.fra60.r.cloudfront.net
vars.hotjar.com
2    13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
nhsdigital.d3.sc.omtrdc.net
Apex Domain
Subdomains		 Transfer
12 securegb-ns.com
www.nhstestkit.securegb-ns.com
242 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 920
script.hotjar.com — Cisco Umbrella Rank: 1202
vars.hotjar.com — Cisco Umbrella Rank: 1251
71 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 469
17 KB
2 omtrdc.net
nhsdigital.d3.sc.omtrdc.net — Cisco Umbrella Rank: 144867
1 KB
2 assets.nhs.uk
assets.nhs.uk — Cisco Umbrella Rank: 72950
35 KB
0 www.nhs.uk Failed
www.nhs.uk Failed
21 6
Domain Requested by
12 www.nhstestkit.securegb-ns.com 1 redirects www.nhstestkit.securegb-ns.com
3 assets.adobedtm.com www.nhstestkit.securegb-ns.com
2 nhsdigital.d3.sc.omtrdc.net 1 redirects
2 assets.nhs.uk www.nhstestkit.securegb-ns.com
1 vars.hotjar.com www.nhstestkit.securegb-ns.com
1 script.hotjar.com www.nhstestkit.securegb-ns.com
1 static.hotjar.com www.nhstestkit.securegb-ns.com
0 www.nhs.uk Failed www.nhstestkit.securegb-ns.com
21 8

This site contains no links.

Subject Issuer Validity Valid
securegb-ns.com
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
www.nhs.uk
DigiCert SHA2 Secure Server CA		 2021-07-16 -
2022-08-07		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Frame ID: AADBB4E4318486EA39FB606CE23CF0EF
Requests: 20 HTTP requests in this frame

Frame: https://www.nhstestkit.securegb-ns.com/index_files/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 49988B2E37E8F1CAF80B1FFF691696E4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 82B6145210D329B293810E8EE6853174
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rapid lateral flow coronavirus (COVID-19) tests - NHS

Page URL History Show full URLs

  1. https://www.nhstestkit.securegb-ns.com/ HTTP 302
    https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

21
Requests

90 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

364 kB
Transfer

1404 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.nhstestkit.securegb-ns.com/ HTTP 302
    https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E888CCFD5C5E6-31E139098ABEFE50&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fwww.nhstestkit.securegb-ns.com%2Fhome.php%3FnvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD&cc=GBP&ch=conditions&server=www.nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=1%3A18%20PM%7CThursday&c21=2022-05-05T13%3A18%3A03.205Z&c22=2%3A18%20PM%7CThursday&c23=552&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&pccr=true&vidn=3139E745920476AD-60000920F495D4CD&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E888CCFD5C5E6-31E139098ABEFE50&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fwww.nhstestkit.securegb-ns.com%2Fhome.php%3FnvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD&cc=GBP&ch=conditions&server=www.nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=1%3A18%20PM%7CThursday&c21=2022-05-05T13%3A18%3A03.205Z&c22=2%3A18%20PM%7CThursday&c23=552&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.php
www.nhstestkit.securegb-ns.com/
Redirect Chain
  • https://www.nhstestkit.securegb-ns.com/
  • https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
51 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed / PHP/7.3.31
Resource Hash
2b1e2e0fafe42e72cb93c8b2217a8711924d1552df545751a50c2b8eacf6de9f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 05 May 2022 13:18:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.31

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 05 May 2022 13:18:01 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.3.31
FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.146.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-114.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.nhstestkit.securegb-ns.com/
Origin
https://www.nhstestkit.securegb-ns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 13:18:02 GMT
content-md5
lRIDEWIJgHewKikdW/afDg==
content-length
17284
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2019 10:17:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6BCD488B0257A
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
3c6ee1df-501e-0063-0247-ceee60000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=2628288
x-ms-version
2009-09-19
expires
Sat, 04 Jun 2022 23:22:50 GMT
FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.woff2
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.16.146.114 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-114.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.nhstestkit.securegb-ns.com/
Origin
https://www.nhstestkit.securegb-ns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 05 May 2022 13:18:02 GMT
content-md5
OPdl6/MQFVFaVJuAqOKjeg==
content-length
17216
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2019 10:17:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6BCD48962A5B8
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
80dbecb9-701e-005d-4547-ce5841000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=2628288
x-ms-version
2009-09-19
expires
Sat, 04 Jun 2022 23:22:50 GMT
main.d6fa8cab6d0e.css
www.nhstestkit.securegb-ns.com/index_files/ 		137 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/main.d6fa8cab6d0e.css
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
822937bdcf5a4a400f5236843f29323f9c05c102a376ab9438f0f344983d9cda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18007
expires
Thu, 12 May 2022 13:18:01 GMT
main.6b0c2c5a3207.js
www.nhstestkit.securegb-ns.com/index_files/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/main.6b0c2c5a3207.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
ffdd2978993b2b7574644fd0806edd7260e5c7a0c83a5c4a2405bcb979678e8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20628
expires
Thu, 12 May 2022 13:18:01 GMT
cookie-consent.js
www.nhstestkit.securegb-ns.com/index_files/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/cookie-consent.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
a06707ef7ed508c05e3888e979d650fddbb5de7cc7e7cdcf997abc874e2e4410

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33346
expires
Thu, 12 May 2022 13:18:01 GMT
launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
www.nhstestkit.securegb-ns.com/index_files/ 		331 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
c94c5c375bf0d9816df714a38f88a44d73bc8dffb7f0c86c6968547257a4d6fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
64683
expires
Thu, 12 May 2022 13:18:01 GMT
hotjar-681718.js
www.nhstestkit.securegb-ns.com/index_files/ 		57 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
e4216ddeacf53272d493b2f199290b2212c71eae31127376384d8a386ab7b214

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9705
expires
Thu, 12 May 2022 13:18:01 GMT
modules.bb718fa7305d844e18c3.js
www.nhstestkit.securegb-ns.com/index_files/ 		236 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/modules.bb718fa7305d844e18c3.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
72933
expires
Thu, 12 May 2022 13:18:01 GMT
AppMeasurement.min.js
www.nhstestkit.securegb-ns.com/index_files/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/AppMeasurement.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11852
expires
Thu, 12 May 2022 13:18:01 GMT
AppMeasurement_Module_ActivityMap.min.js
www.nhstestkit.securegb-ns.com/index_files/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1495
expires
Thu, 12 May 2022 13:18:01 GMT
RC6896c8c0c349424b90489027862f3593-source.min.js
www.nhstestkit.securegb-ns.com/index_files/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/RC6896c8c0c349424b90489027862f3593-source.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:01 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2531
expires
Thu, 12 May 2022 13:18:01 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:02 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nhstestkit.securegb-ns.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Thu, 05 May 2022 14:18:02 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:02 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nhstestkit.securegb-ns.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1599
expires
Thu, 05 May 2022 14:18:02 GMT
hotjar-681718.js
static.hotjar.com/c/ 		42 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-681718.js?sv=6
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-31.fra56.r.cloudfront.net
Software
/
Resource Hash
cef61de709b62e3c4c6e33af08b4c37bd3c8e466d7732de39b5ede25d5fb6346
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:17:40 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
32
etag
W/8fe0e0ec44fc0b07c72a3d644d62e023
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
aFv6_j3BKtUuno7zddfS4t4EAAMud2i2DPH7Epeb-JPgZuMoha-E6w==
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
box-acca23410e696f2ca3087d947271c3d0.html
www.nhstestkit.securegb-ns.com/index_files/ Frame 4998 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nhstestkit.securegb-ns.com/index_files/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
4b1b66032602ffa5d1e94641610347dcea8bb76bb34b455d9cbcf47e1e50253d

Request headers

Referer
https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
1207
content-type
text/html
date
Thu, 05 May 2022 13:18:01 GMT
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
truncated
/ 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
modules.bb718fa7305d844e18c3.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bb718fa7305d844e18c3.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-68.fra60.r.cloudfront.net
Software
/
Resource Hash
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
6064556
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62922
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 08:41:23 GMT
etag
"abb0d12e8b066849ad1f66b29efeba72"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
pR-Fv3mQjX0lnprwOqeCyfYlgnohhr77_Y17qvFWCJ77fJeHEaPlAw==
RC6896c8c0c349424b90489027862f3593-source.min.js
assets.adobedtm.com/f8560165ec6a/5d3b7fb65898/24297b4a2f0a/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/f8560165ec6a/5d3b7fb65898/24297b4a2f0a/RC6896c8c0c349424b90489027862f3593-source.min.js
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:02 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:43:25 GMT
server
AkamaiNetStorage
etag
"cf745af450ba08187318cf82330038ab:1643622205.266963"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.nhstestkit.securegb-ns.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2715
expires
Thu, 05 May 2022 14:18:02 GMT
/
www.nhs.uk/our-policies/cookies-policy/ 		0
0
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 82B6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: www.nhstestkit.securegb-ns.com
URL: https://www.nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-28.fra60.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Referer
https://www.nhstestkit.securegb-ns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
7791957
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-id
AB1jipK3DkPQESSngiev0QYFqrVS1pNrgcE8ufn2rZIcaEXOBpHsyQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
s01155100020574
nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/
Redirect Chain
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E888CCFD5C5E6-31E139098ABEFE50&ce=UTF-8&ns=nhsdigit...
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&pccr=true&vidn=3139E745920476AD-60000920F495D4CD&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E8...
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&pccr=true&vidn=3139E745920476AD-60000920F495D4CD&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E888CCFD5C5E6-31E139098ABEFE50&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fwww.nhstestkit.securegb-ns.com%2Fhome.php%3FnvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD&cc=GBP&ch=conditions&server=www.nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=1%3A18%20PM%7CThursday&c21=2022-05-05T13%3A18%3A03.205Z&c22=2%3A18%20PM%7CThursday&c23=552&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:18:03 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Fri, 06 May 2022 13:18:03 GMT
server
jag
xserver
anedge-b4b698fcd-79zld
etag
3547120467880017920-4619459344790343491
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 04 May 2022 13:18:03 GMT

Redirect headers

date
Thu, 05 May 2022 13:18:03 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
location
https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s01155100020574?AQB=1&pccr=true&vidn=3139E745920476AD-60000920F495D4CD&ndh=1&pf=1&t=5%2F4%2F2022%2013%3A18%3A3%204%200&fid=478E888CCFD5C5E6-31E139098ABEFE50&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fwww.nhstestkit.securegb-ns.com%2Fhome.php%3FnvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD&cc=GBP&ch=conditions&server=www.nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=1%3A18%20PM%7CThursday&c21=2022-05-05T13%3A18%3A03.205Z&c22=2%3A18%20PM%7CThursday&c23=552&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified
Fri, 06 May 2022 13:18:03 GMT
server
jag
xserver
anedge-b4b698fcd-ps56w
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Wed, 04 May 2022 13:18:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.nhs.uk
URL
https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NHS UK (Healthcare)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| digitalData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| hj object| _hjSettings object| NHSUK_SETTINGS function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| AppMeasurement_Module_ActivityMap object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| NHSCookieConsent object| s number| s_loadT object| s_i_nhsuk-prod

7 Cookies

Domain/Path Name / Value
www.nhstestkit.securegb-ns.com/ Name: PHPSESSID
Value: 34e6b4b450c9669b60f6652ab3dd91a6
www.nhstestkit.securegb-ns.com/ Name: nhsuk-cookie-consent
Value: %7B%22necessary%22%3Atrue%2C%22preferences%22%3Afalse%2C%22statistics%22%3Afalse%2C%22marketing%22%3Afalse%2C%22consented%22%3Afalse%2C%22version%22%3A3%7D
.nhstestkit.securegb-ns.com/ Name: s_fid
Value: 478E888CCFD5C5E6-31E139098ABEFE50
.nhstestkit.securegb-ns.com/ Name: s_getNewRepeat
Value: 1651756683204-New
.nhstestkit.securegb-ns.com/ Name: s_ppn
Value: nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms
.nhstestkit.securegb-ns.com/ Name: s_cc
Value: true
.nhsdigital.d3.sc.omtrdc.net/ Name: s_vi
Value: [CS]v1|3139E745920476AD-60000920F495D4CD[CE]

2 Console Messages

Source Level URL
Text
javascript error URL: https://www.nhstestkit.securegb-ns.com/home.php?nvD0OLeRA7u7EmCP2n6fe989hbW34AS2U9M0Xke5d3deWc89fL8s2Zsn6zApM8ti6G9Q36u05vD
Message:
Access to XMLHttpRequest at 'https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen' from origin 'https://www.nhstestkit.securegb-ns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
assets.nhs.uk
nhsdigital.d3.sc.omtrdc.net
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.nhs.uk
www.nhstestkit.securegb-ns.com
www.nhs.uk
108.138.7.31
13.36.218.177
146.0.76.95
18.66.139.28
18.66.139.68
2a02:26f0:3500:587::1e80
96.16.146.114
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
2b1e2e0fafe42e72cb93c8b2217a8711924d1552df545751a50c2b8eacf6de9f
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c
4b1b66032602ffa5d1e94641610347dcea8bb76bb34b455d9cbcf47e1e50253d
822937bdcf5a4a400f5236843f29323f9c05c102a376ab9438f0f344983d9cda
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
a06707ef7ed508c05e3888e979d650fddbb5de7cc7e7cdcf997abc874e2e4410
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
c94c5c375bf0d9816df714a38f88a44d73bc8dffb7f0c86c6968547257a4d6fe
cef61de709b62e3c4c6e33af08b4c37bd3c8e466d7732de39b5ede25d5fb6346
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e4216ddeacf53272d493b2f199290b2212c71eae31127376384d8a386ab7b214
ffdd2978993b2b7574644fd0806edd7260e5c7a0c83a5c4a2405bcb979678e8a