urlscan.io logo urlscan.io
SecurityTrails logo

nhstestkit.securegb-ns.com Open in urlscan Pro
146.0.76.95  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nhstestkit.securegb-ns.com/
Effective URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Submission: On May 06 via manual from GB — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 6 domains to perform 21 HTTP transactions. The main IP is 146.0.76.95, located in Netherlands and belongs to HOSTKEY-AS, NL. The main domain is nhstestkit.securegb-ns.com.
TLS certificate: Issued by R3 on May 5th 2022. Valid for: 3 months.
This is the only time nhstestkit.securegb-ns.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NHS UK (Healthcare)

Domain & IP information

IP Address AS Autonomous System
2 13 146.0.76.95 57043 (HOSTKEY-AS)
2 88.221.60.244 16625 (AKAMAI-AS)
3 2a02:26f0:b60... 20940 (AKAMAI-ASN1)
1 65.9.63.33 16509 (AMAZON-02)
1 108.157.4.45 16509 (AMAZON-02)
1 108.157.4.53 16509 (AMAZON-02)
1 2 15.236.176.210 16509 (AMAZON-02)
21 8
13    146.0.76.95 (Netherlands)

ASN57043 (HOSTKEY-AS, NL)
PTR: hawkeye30.myhostcpl.com
nhstestkit.securegb-ns.com
2    88.221.60.244 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-244.deploy.static.akamaitechnologies.com
assets.nhs.uk
3    2a02:26f0:b600:19a::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    65.9.63.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-33.fra56.r.cloudfront.net
static.hotjar.com
1    108.157.4.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-45.dus51.r.cloudfront.net
script.hotjar.com
1    108.157.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-53.dus51.r.cloudfront.net
vars.hotjar.com
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
nhsdigital.d3.sc.omtrdc.net
Apex Domain
Subdomains		 Transfer
13 securegb-ns.com
nhstestkit.securegb-ns.com
242 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 920
script.hotjar.com — Cisco Umbrella Rank: 1202
vars.hotjar.com — Cisco Umbrella Rank: 1251
72 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 469
17 KB
2 omtrdc.net
nhsdigital.d3.sc.omtrdc.net — Cisco Umbrella Rank: 144867
1 KB
2 assets.nhs.uk
assets.nhs.uk — Cisco Umbrella Rank: 72950
35 KB
0 www.nhs.uk Failed
www.nhs.uk Failed
21 6
Domain Requested by
13 nhstestkit.securegb-ns.com 2 redirects nhstestkit.securegb-ns.com
3 assets.adobedtm.com nhstestkit.securegb-ns.com
2 nhsdigital.d3.sc.omtrdc.net 1 redirects
2 assets.nhs.uk nhstestkit.securegb-ns.com
1 vars.hotjar.com nhstestkit.securegb-ns.com
1 script.hotjar.com nhstestkit.securegb-ns.com
1 static.hotjar.com nhstestkit.securegb-ns.com
0 www.nhs.uk Failed nhstestkit.securegb-ns.com
21 8

This site contains no links.

Subject Issuer Validity Valid
securegb-ns.com
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
www.nhs.uk
DigiCert SHA2 Secure Server CA		 2021-07-16 -
2022-08-07		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh

This page contains 3 frames:

Primary Page: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Frame ID: 32C3BA273FF4D9F5552EA5D56EB86D56
Requests: 20 HTTP requests in this frame

Frame: https://nhstestkit.securegb-ns.com/index_files/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 2228344BB334C9DBC3E06292E8CC18BE
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: C9F4C78EA808B2EEDB9636E5B3AD0F3C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Rapid lateral flow coronavirus (COVID-19) tests - NHS

Page URL History Show full URLs

  1. http://nhstestkit.securegb-ns.com/ HTTP 301
    https://nhstestkit.securegb-ns.com/ HTTP 302
    https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUg... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

21
Requests

90 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

8
IPs

5
Countries

365 kB
Transfer

1411 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nhstestkit.securegb-ns.com/ HTTP 301
    https://nhstestkit.securegb-ns.com/ HTTP 302
    https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D76446A303B6690-180BE8E053FFE451&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fnhstestkit.securegb-ns.com%2Fhome.php%3FPwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS&cc=GBP&ch=conditions&server=nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=9%3A30%20AM%7CFriday&c21=2022-05-06T09%3A30%3A04.064Z&c22=10%3A30%20AM%7CFriday&c23=482&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&pccr=true&vidn=313A754E4F7CFFE3-40001B4236828C66&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D76446A303B6690-180BE8E053FFE451&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fnhstestkit.securegb-ns.com%2Fhome.php%3FPwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS&cc=GBP&ch=conditions&server=nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=9%3A30%20AM%7CFriday&c21=2022-05-06T09%3A30%3A04.064Z&c22=10%3A30%20AM%7CFriday&c23=482&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.php
nhstestkit.securegb-ns.com/
Redirect Chain
  • http://nhstestkit.securegb-ns.com/
  • https://nhstestkit.securegb-ns.com/
  • https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
51 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed / PHP/7.3.31
Resource Hash
e52b76e183051a5d5bf4c926d646216fd382301dc88defd7f72733f78f14a201

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 06 May 2022 09:30:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.31

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 06 May 2022 09:30:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
pragma
no-cache
server
LiteSpeed
x-powered-by
PHP/7.3.31
FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-244.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://nhstestkit.securegb-ns.com/
Origin
https://nhstestkit.securegb-ns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 May 2022 09:30:03 GMT
content-md5
lRIDEWIJgHewKikdW/afDg==
content-length
17284
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2019 10:17:13 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6BCD488B0257A
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
9b836279-901e-003a-7f08-1aebe6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=2628288
x-ms-version
2009-09-19
expires
Sun, 05 Jun 2022 19:34:51 GMT
FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.woff2
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.60.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-244.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://nhstestkit.securegb-ns.com/
Origin
https://nhstestkit.securegb-ns.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 06 May 2022 09:30:03 GMT
content-md5
OPdl6/MQFVFaVJuAqOKjeg==
content-length
17216
x-ms-lease-status
unlocked
last-modified
Tue, 09 Apr 2019 10:17:14 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D6BCD48962A5B8
strict-transport-security
max-age=300
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
f4c85fc0-801e-0048-01cf-3e9ad8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=2628288
x-ms-version
2009-09-19
expires
Sun, 05 Jun 2022 19:34:51 GMT
main.d6fa8cab6d0e.css
nhstestkit.securegb-ns.com/index_files/ 		137 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/main.d6fa8cab6d0e.css
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
822937bdcf5a4a400f5236843f29323f9c05c102a376ab9438f0f344983d9cda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
18007
expires
Fri, 13 May 2022 09:30:02 GMT
main.6b0c2c5a3207.js
nhstestkit.securegb-ns.com/index_files/ 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/main.6b0c2c5a3207.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
ffdd2978993b2b7574644fd0806edd7260e5c7a0c83a5c4a2405bcb979678e8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
20628
expires
Fri, 13 May 2022 09:30:02 GMT
cookie-consent.js
nhstestkit.securegb-ns.com/index_files/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/cookie-consent.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
a06707ef7ed508c05e3888e979d650fddbb5de7cc7e7cdcf997abc874e2e4410

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
33346
expires
Fri, 13 May 2022 09:30:02 GMT
launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
nhstestkit.securegb-ns.com/index_files/ 		331 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
c94c5c375bf0d9816df714a38f88a44d73bc8dffb7f0c86c6968547257a4d6fe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
64683
expires
Fri, 13 May 2022 09:30:02 GMT
hotjar-681718.js
nhstestkit.securegb-ns.com/index_files/ 		57 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
e4216ddeacf53272d493b2f199290b2212c71eae31127376384d8a386ab7b214

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
9705
expires
Fri, 13 May 2022 09:30:02 GMT
modules.bb718fa7305d844e18c3.js
nhstestkit.securegb-ns.com/index_files/ 		236 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/modules.bb718fa7305d844e18c3.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
72933
expires
Fri, 13 May 2022 09:30:02 GMT
AppMeasurement.min.js
nhstestkit.securegb-ns.com/index_files/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/AppMeasurement.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:19 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
11852
expires
Fri, 13 May 2022 09:30:02 GMT
AppMeasurement_Module_ActivityMap.min.js
nhstestkit.securegb-ns.com/index_files/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1495
expires
Fri, 13 May 2022 09:30:02 GMT
RC6896c8c0c349424b90489027862f3593-source.min.js
nhstestkit.securegb-ns.com/index_files/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/RC6896c8c0c349424b90489027862f3593-source.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:02 GMT
content-encoding
br
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2531
expires
Fri, 13 May 2022 09:30:02 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:19a::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:26 GMT
server
AkamaiNetStorage
etag
"85722a02b6a7feb74d08ac7875516bee:1642630706.903013"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://nhstestkit.securegb-ns.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12243
expires
Fri, 06 May 2022 10:30:03 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPa06d4a70bf964e93808ee073533d9238/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:19a::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:03 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 22:18:27 GMT
server
AkamaiNetStorage
etag
"9355415074dbdbd216a19b61ce931ab2:1642630707.219535"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://nhstestkit.securegb-ns.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1599
expires
Fri, 06 May 2022 10:30:03 GMT
hotjar-681718.js
static.hotjar.com/c/ 		50 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-681718.js?sv=6
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-33.fra56.r.cloudfront.net
Software
/
Resource Hash
5542fa564ef0d5ed0a59c5b08d18a577d7c7592aae118ae9defe9edbbc33b30a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
16
etag
W/fc070ac1b5bda8195ef58c63f44a670a
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
iuXMeIAZJPbvBczTrVX8vN7bjofDU3boVhsJV0T0zBkRxene41-t0w==
via
1.1 58c21e16c9e093deb494fbb4de260efa.cloudfront.net (CloudFront)
box-acca23410e696f2ca3087d947271c3d0.html
nhstestkit.securegb-ns.com/index_files/ Frame 2228 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nhstestkit.securegb-ns.com/index_files/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.0.76.95 , Netherlands, ASN57043 (HOSTKEY-AS, NL),
Reverse DNS
hawkeye30.myhostcpl.com
Software
LiteSpeed /
Resource Hash
4b1b66032602ffa5d1e94641610347dcea8bb76bb34b455d9cbcf47e1e50253d

Request headers

Referer
https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-encoding
br
content-length
1207
content-type
text/html
date
Fri, 06 May 2022 09:30:02 GMT
last-modified
Thu, 24 Feb 2022 22:04:20 GMT
server
LiteSpeed
vary
Accept-Encoding
truncated
/ 		296 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
modules.bb718fa7305d844e18c3.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.bb718fa7305d844e18c3.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-45.dus51.r.cloudfront.net
Software
/
Resource Hash
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 08:42:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
6137277
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
62922
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 08:41:23 GMT
etag
"abb0d12e8b066849ad1f66b29efeba72"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
8-1kd48rGXt3fPgszpEKjFz8WNbNo8IBo5yPeigQIedCLOCXPlHHqA==
RC6896c8c0c349424b90489027862f3593-source.min.js
assets.adobedtm.com/f8560165ec6a/5d3b7fb65898/24297b4a2f0a/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/f8560165ec6a/5d3b7fb65898/24297b4a2f0a/RC6896c8c0c349424b90489027862f3593-source.min.js
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/index_files/launch-ENe7f6cdd7cc05409b86547d9153429788.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:b600:19a::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:03 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:43:25 GMT
server
AkamaiNetStorage
etag
"cf745af450ba08187318cf82330038ab:1643622205.266963"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://nhstestkit.securegb-ns.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
2715
expires
Fri, 06 May 2022 10:30:03 GMT
/
www.nhs.uk/our-policies/cookies-policy/ 		0
0
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame C9F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: nhstestkit.securegb-ns.com
URL: https://nhstestkit.securegb-ns.com/index_files/hotjar-681718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-53.dus51.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Referer
https://nhstestkit.securegb-ns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
7864677
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 04 Feb 2022 08:52:06 GMT
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
vary
Accept-Encoding
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-id
PM1Llfk2qzxzfzp1L7SxI2jfXLtsl1QOMZapg3yibCBgPnj1Syn6Vg==
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
x-robots-tag
none
s77331367245356
nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/
Redirect Chain
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D76446A303B6690-180BE8E053FFE451&ce=UTF-8&ns=nhsdigita...
  • https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&pccr=true&vidn=313A754E4F7CFFE3-40001B4236828C66&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D7644...
43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&pccr=true&vidn=313A754E4F7CFFE3-40001B4236828C66&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D76446A303B6690-180BE8E053FFE451&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fnhstestkit.securegb-ns.com%2Fhome.php%3FPwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS&cc=GBP&ch=conditions&server=nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=9%3A30%20AM%7CFriday&c21=2022-05-06T09%3A30%3A04.064Z&c22=10%3A30%20AM%7CFriday&c23=482&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nhstestkit.securegb-ns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 09:30:04 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 07 May 2022 09:30:04 GMT
server
jag
xserver
anedge-b4b698fcd-wszwf
etag
3547276635079016448-4619568815815721159
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 05 May 2022 09:30:04 GMT

Redirect headers

date
Fri, 06 May 2022 09:30:04 GMT
x-content-type-options
nosniff
x-c
main-1640.Id95fac.M0-564
p3p
CP="This is not a P3P policy"
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
location
https://nhsdigital.d3.sc.omtrdc.net/b/ss/nhsuk-prod/1/JS-2.22.4-LBWB/s77331367245356?AQB=1&pccr=true&vidn=313A754E4F7CFFE3-40001B4236828C66&ndh=1&pf=1&t=6%2F4%2F2022%209%3A30%3A4%205%200&fid=3D76446A303B6690-180BE8E053FFE451&ce=UTF-8&ns=nhsdigital&cdp=2&fpCookieDomainPeriods=3&pageName=nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&g=https%3A%2F%2Fnhstestkit.securegb-ns.com%2Fhome.php%3FPwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS&cc=GBP&ch=conditions&server=nhstestkit.securegb-ns.com&events=event1&c1=coronavirus-covid-19&v1=D%3DpageName&c2=testing&v2=D%3Dg&c3=regular-rapid-coronavirus-tests-if-you-do-not-have-symptoms&v3=D%3Dc4&c5=D%3Dg&c10=New&v10=D%3Dc10&c11=D%3Dmid&v12=9%3A30%20AM%7CFriday&c21=2022-05-06T09%3A30%3A04.064Z&c22=10%3A30%20AM%7CFriday&c23=482&c53=n%2Fa&c75=web&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified
Sat, 07 May 2022 09:30:04 GMT
server
jag
xserver
anedge-b4b698fcd-x7pz9
vary
Origin
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 05 May 2022 09:30:04 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.nhs.uk
URL
https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NHS UK (Healthcare)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| digitalData object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| hj object| _hjSettings object| NHSUK_SETTINGS object| core object| __core-js_shared__ object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| NHSCookieConsent function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s number| s_loadT object| s_i_nhsuk-prod

7 Cookies

Domain/Path Name / Value
nhstestkit.securegb-ns.com/ Name: PHPSESSID
Value: 04497760f3e4c33b14599b262b371f76
nhstestkit.securegb-ns.com/ Name: nhsuk-cookie-consent
Value: %7B%22necessary%22%3Atrue%2C%22preferences%22%3Afalse%2C%22statistics%22%3Afalse%2C%22marketing%22%3Afalse%2C%22consented%22%3Afalse%2C%22version%22%3A3%7D
.nhstestkit.securegb-ns.com/ Name: s_fid
Value: 3D76446A303B6690-180BE8E053FFE451
.nhstestkit.securegb-ns.com/ Name: s_getNewRepeat
Value: 1651829404063-New
.nhstestkit.securegb-ns.com/ Name: s_ppn
Value: nhs%3Aweb%3Aconditions%3Acoronavirus-covid-19%3Atesting%3Aregular-rapid-coronavirus-tests-if-you-do-not-have-symptoms
.nhstestkit.securegb-ns.com/ Name: s_cc
Value: true
.nhsdigital.d3.sc.omtrdc.net/ Name: s_vi
Value: [CS]v1|313A754E4F7CFFE3-40001B4236828C66[CE]

2 Console Messages

Source Level URL
Text
javascript error URL: https://nhstestkit.securegb-ns.com/home.php?PwSIacCOSZm7pvVll11kUZRx704zArU87H4cq4dkqMHEi60q1pDXHV9GWyiiS7lzBUgQ26DaKrS
Message:
Access to XMLHttpRequest at 'https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen' from origin 'https://nhstestkit.securegb-ns.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.nhs.uk/our-policies/cookies-policy/?policy-action=seen
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
assets.nhs.uk
nhsdigital.d3.sc.omtrdc.net
nhstestkit.securegb-ns.com
script.hotjar.com
static.hotjar.com
vars.hotjar.com
www.nhs.uk
www.nhs.uk
108.157.4.45
108.157.4.53
146.0.76.95
15.236.176.210
2a02:26f0:b600:19a::1e80
65.9.63.33
88.221.60.244
055e467aa53a9c0272d805bbc009ade8c74df5a8c1255271d753ac78fe179873
2e48fe4dcacf2bf77c649d8be5b0f0de717f63a9d1fb28f23d69da6251896219
453c06b657dfde66cb3a88a952795b75884a028f7397d20c2d4c071bc58c719c
4b1b66032602ffa5d1e94641610347dcea8bb76bb34b455d9cbcf47e1e50253d
5542fa564ef0d5ed0a59c5b08d18a577d7c7592aae118ae9defe9edbbc33b30a
822937bdcf5a4a400f5236843f29323f9c05c102a376ab9438f0f344983d9cda
8526a09c33a014a11a744032b5116917c4257a2ec5558cff70061a6103c27fc5
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
a06707ef7ed508c05e3888e979d650fddbb5de7cc7e7cdcf997abc874e2e4410
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
c94c5c375bf0d9816df714a38f88a44d73bc8dffb7f0c86c6968547257a4d6fe
d4e77c7411d1de6efebf4278b9c98aa77dc2e5186cee271ac256138f17bef9f4
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e4216ddeacf53272d493b2f199290b2212c71eae31127376384d8a386ab7b214
e52b76e183051a5d5bf4c926d646216fd382301dc88defd7f72733f78f14a201
ffdd2978993b2b7574644fd0806edd7260e5c7a0c83a5c4a2405bcb979678e8a