Submitted URL: http://links.cruisecontroldiet.com/a/1195/click/2996/618400/77390211ad3795d02095d3d93824eb350508fe4a/7cee961b5478c2c4ec079494e0ebe78a0d6b09da
Effective URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Submission: On July 13 via manual from US

Summary

This website contacted 14 IPs in 5 countries across 17 domains to perform 28 HTTP transactions.
The main IP is 192.135.136.170, located in United States and belongs to AGORA - Monument & Cathedral Holdings, Inc., US. The main domain is pro.urgenthealthreports.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 7th 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.92.4 15169 (GOOGLE)
2 2 67.225.147.188 32244 (LIQUIDWEB)
1 1 52.30.115.90 16509 (AMAZON-02)
1 4 192.135.136.170 11372 (AGORA)
1 2a00:1450:400... 15169 (GOOGLE)
1 209.197.3.15 20446 (HIGHWINDS3)
1 205.185.208.52 20446 (HIGHWINDS3)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a04:4e42:1b:... 54113 (FASTLY)
28 14
Domain Subdomains Transfer
9 newmarkethealth.com 2 MB
4 nmhfiles.com 43 KB
4 urgenthealthreports.com 54 KB
3 cruisecontroldiet.com 1 KB
2 google-analytics.com 18 KB
1 wistia.com fast.wistia.com Failed 108 KB
1 lytics.io 0 B
1 google.de 374 B
1 google.com 354 B
1 doubleclick.net 350 B
1 facebook.net 17 KB
1 web-purchases.com 340 KB
1 googletagmanager.com 24 KB
1 jquery.com 33 KB
1 bootstrapcdn.com 21 KB
1 fonts.googleapis.com 526 B
1 undergroundcures6.com 1 KB
28 17
Domain Requested by
9 files.admin.newmarkethealth.com pro.urgenthealthreports.com
4 nmhfiles.com pro.urgenthealthreports.com
4 pro.urgenthealthreports.com 1 redirects pro.urgenthealthreports.com
2 www.google-analytics.com 1 redirects pro.urgenthealthreports.com
2 www.cruisecontroldiet.com 2 redirects
1 fast.wistia.com pro.urgenthealthreports.com
pro.urgenthealthreports.com
pro.urgenthealthreports.com
1 c.lytics.io pro.urgenthealthreports.com
1 www.google.de pro.urgenthealthreports.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 connect.facebook.net pro.urgenthealthreports.com
1 images.web-purchases.com pro.urgenthealthreports.com
1 www.googletagmanager.com pro.urgenthealthreports.com
1 code.jquery.com pro.urgenthealthreports.com
1 stackpath.bootstrapcdn.com pro.urgenthealthreports.com
1 fonts.googleapis.com pro.urgenthealthreports.com
1 tracking.undergroundcures6.com 1 redirects
1 links.cruisecontroldiet.com 1 redirects
28 18

Subject | Issuer | Validity | Valid
ordertracking.pubsvs.com | Entrust Certification Authority - L1K | 2018-11-07 - 2020-07-21 | 2 years
*.googleapis.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.bootstrapcdn.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-03 - 2019-10-12 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
ssl901312.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-14 - 2019-11-20 | 6 months
files.iris.pubsvs.com | Entrust Certification Authority - L1K | 2019-05-02 - 2020-01-23 | 9 months
*.google-analytics.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
images.web-purchases.com | Go Daddy Secure Certificate Authority - G2 | 2019-04-29 - 2021-05-03 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-06-06 - 2019-09-04 | 3 months
www.google.de | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
ssl379818.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-28 - 2019-12-04 | 6 months
f4.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-04-10 - 2020-03-21 | a year


28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set ?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
/p/NAH180807A/LNAHU993
Redirect Chain
  • http://links.cruisecontroldiet.com/a/1195/click/2996/618400/77390211ad3795d02095d3d93824eb350508fe4a/7cee961b5478c2c4ec079494e0ebe78a0d6b09da
  • http://www.cruisecontroldiet.com/specials/poisonsquad.php?tid=mail070719_azb
  • https://www.cruisecontroldiet.com/specials/poisonsquad.php?tid=mail070719_azb
  • https://tracking.undergroundcures6.com/aff_c?offer_id=1327&aff_id=171&aff_sub=mail070719_azb
  • https://pro.urgenthealthreports.com/m/1071283/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41
  • https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
119 KB
51 KB
Document
General
Full URL
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
5a453ee5db8dd98abb041dad6688ca4fe37cefab09198d91e2bb2b3bf050041f

Request headers

Host
pro.urgenthealthreports.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Cookie
1071283=1230354; BIGipServerIRIS_PROD_HTTPS_POOL=!8Hulf9lXBvr4U6PuZJwzdqDQ3dZl1hxIMX+nepS8LiC/AFmMjQTR5z2kuAHN+gGUpFYYHNPYXkMJFLE=

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
LNAHU993=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
Date
Sat, 13 Jul 2019 19:04:21 GMT
Content-Length
51952

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Set-Cookie
1071283=1230354; expires=Fri, 02-Aug-2019 19:04:22 GMT; path=/; HttpOnly BIGipServerIRIS_PROD_HTTPS_POOL=!8Hulf9lXBvr4U6PuZJwzdqDQ3dZl1hxIMX+nepS8LiC/AFmMjQTR5z2kuAHN+gGUpFYYHNPYXkMJFLE=; path=/; Httponly; Secure
Date
Sat, 13 Jul 2019 19:04:21 GMT
Content-Length
5762
Common.js
/p/Scripts
2 KB
1 KB
Script
General
Full URL
https://pro.urgenthealthreports.com/p/Scripts/Common.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
40134bb6c4d8e9ef13f8445026ea42decb5bb2b9c279f203b375aa3378de0b9a

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 19:04:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Feb 2018 07:05:29 GMT
ETag
"9d768e35f49bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1136
HideContent.js
/p/Scripts
724 B
748 B
Script
General
Full URL
https://pro.urgenthealthreports.com/p/Scripts/HideContent.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.135.136.170 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software
/
Resource Hash
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 19:04:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Feb 2018 07:05:29 GMT
ETag
"9d768e35f49bd31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
466
css?family=Oswald:400,300,700
fonts.googleapis.com
1 KB
526 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,300,700
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
41c743751cd6ec65a2ba2f2a60bf82b2c73bf208a648859bed04668a60fee791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 13 Jul 2019 19:04:22 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 13 Jul 2019 19:04:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 13 Jul 2019 19:04:22 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css
138 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Origin
https://pro.urgenthealthreports.com

Response headers

date
Sat, 13 Jul 2019 19:04:30 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:10 GMT
access-control-allow-origin
*
etag
"1544639650"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
21089
Verified jquery.min.js
code.jquery.com
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery.min.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
Verified resource
flat-ui/2.2.2/js/vendor/jquery.min.js at cdnjs.com, project flat-ui

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 13 Jul 2019 19:04:24 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1764d"
Vary
Accept-Encoding
X-HW
1563044664.dop019.am5.shc,1563044664.dop019.am5.t,1563044664.cds018.am5.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
33226
NmhVideoLib-latest.js
nmhfiles.com/videolib
36 KB
8 KB
Script
General
Full URL
https://nmhfiles.com/videolib/NmhVideoLib-latest.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b74e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
41892115361abc2d3cfb4833c314c23b77a4c39ebbca85a2fb4302c677a7fc44

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:22 GMT
content-encoding
gzip
etag
W/"5ba00234-914f"
cf-cache-status
HIT
last-modified
Mon, 17 Sep 2018 19:36:20 GMT
server
cloudflare
age
4549
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4f5d85b6ccb696ce-FRA
expires
Sat, 13 Jul 2019 23:04:22 GMT
NAH-PoisonSquad-Header.png
files.admin.newmarkethealth.com/images
40 KB
41 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/NAH-PoisonSquad-Header.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
784cd5c83d10d9ac4cd64aa1cf5e3b5b477c861265b1c387148e075342908d98

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 19:25:24 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 19:22:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"710d05ac7e7ed686a5a00b039ee0c278"
x-cache
RefreshHit from cloudfront
x-amz-version-id
j.PP7n9eFb8gnEMg33oLFtSEBiVG3t9J
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
41247
x-amz-cf-id
lFMig_86UB2w6jo1JylGWEGm-YSsExM2GlJfvQ3O12DjXsIQGNKNNA==
Cured%20Button.png
files.admin.newmarkethealth.com/images
22 KB
23 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/Cured%20Button.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36b9a6a52b3372b48cc0898c747244e334c1ccc0ff980e0e361e156b3e320099

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 07:26:30 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
age
53686
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
22867
last-modified
Thu, 22 Mar 2018 05:38:34 GMT
server
AmazonS3
etag
"c0a575f8eb65ee7f02f0302c2895fc50"
x-amz-version-id
sMYXqaVBlq28bZHwGcSL6ng_KWkzoSuy
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
3L67KYx_G067cfcgaF1O4F3rldbVAJTYVQmCdCXfQ4jn0-2I0s81ww==
x-amz-meta-s3b-last-modified
20160809T160203Z
NAH-Cured-500x693_New.png
files.admin.newmarkethealth.com/images
393 KB
394 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/NAH-Cured-500x693_New.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b76763d2ee514e85edce42ba4e66c032cc7072536d39030c1a31f2c3c6ae216

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 11 May 2019 14:15:40 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
age
16875
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
402909
last-modified
Thu, 22 Mar 2018 05:39:15 GMT
server
AmazonS3
etag
"2c7ad553a194608801ea261c871b6307"
x-amz-version-id
sgBcoZyZ_wcAP53C5P.OyGnGezoVQBzJ
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
bSRuXfG0Iv6V1fv2qeYHpXmBCnuZDiMs0LqSymqD3_coG_sdU0YHrA==
x-amz-meta-s3b-last-modified
20170131T182545Z
hww.png
files.admin.newmarkethealth.com/images
62 KB
63 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/hww.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0030736d760e6b9cb0092e79e136845645d625206691f3dae3ffc227a986d207

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 19:25:24 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Fri, 25 May 2018 16:55:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"90b209b2480cfdd2796a678e73394c63"
x-cache
RefreshHit from cloudfront
x-amz-version-id
ZbN5S3BO3UGqxaVYT2lrQ.9MC_TqeoP1
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
63605
x-amz-cf-id
E3RAhXphj-l8peyulFi4H6d3jbVOUSaPPQ8mOcR3IO3Q69RQByAQ4Q==
volunteers.png
files.admin.newmarkethealth.com/images
1 MB
1 MB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/volunteers.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9adc886eeaaa6aa1f65b627a31b9a4ee8cbf19556507bea328d3f282345c56fb

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 19:25:24 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Mon, 14 May 2018 17:09:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"65af0592a50cec783a81d26c907be799"
x-cache
RefreshHit from cloudfront
x-amz-version-id
65ugG_WnnCUnbJi.h9e2vasV1uMN.r8y
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
1065271
x-amz-cf-id
HaOj5Hx2qGXRrQvdGpM_uo321UH3II1TdXdWtufmGGxHEGDMb-P-WQ==
Adblocked gtm.js?id=GTM-MB3G9X5
www.googletagmanager.com
120 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MB3G9X5
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11f2b44440da02e1827dd1fed478615e3b82e8d2cbb39cfa6bd73495800e880f
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:23 GMT
content-encoding
br
last-modified
Sat, 13 Jul 2019 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24259
x-xss-protection
0
expires
Sat, 13 Jul 2019 19:04:23 GMT
rothfeld.png
files.admin.newmarkethealth.com/images
144 KB
144 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/rothfeld.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eca21d91140cf04a7fe83923cc0c751a59223fa016f255902590567ec1425f4

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 19:25:24 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 16:53:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"7c1abc3838932ce3b1348fee31a45dec"
x-cache
RefreshHit from cloudfront
x-amz-version-id
hH1NNOe9PmQVmae2NHU3YQ6g.erW8zUx
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
147261
x-amz-cf-id
EeFtpSCD61BMlqzQhdF3leiJgz6tMMoKBrQ6OpkZZaRWd0L5ynf8CQ==
cured-book-220.png
files.admin.newmarkethealth.com/images
90 KB
91 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/cured-book-220.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a4a97faaeebfa72674d61c8fb1462f2e508e73efaf542f01861f50a42bad636

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:24 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Fri, 12 Oct 2018 17:47:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"a91053f6ad78abec5c10c1317ffecba5"
x-cache
Miss from cloudfront
x-amz-version-id
6a3urcmSSge9e.6WOKAGC.4yYqswWozH
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
92387
x-amz-cf-id
A540Y5KHkhWloxVv5wXcprggeU7K7-lWVabO8tK-qaar5SjIsH_qqw==
rothfeld_sig.png
files.admin.newmarkethealth.com/images
7 KB
7 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/rothfeld_sig.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e315c7417c18dce369462780ffc668f79b324b4b498a9211226619df93106f12

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 19 May 2019 12:48:15 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
last-modified
Wed, 30 May 2018 16:53:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA50
etag
"a9b7aa0fb73522667c625ee90763a881"
x-cache
RefreshHit from cloudfront
x-amz-version-id
nznA6J3i1SS0Q86i9BEDY9rBzeh_P23X
status
200
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-type
image/png
content-length
6976
x-amz-cf-id
q90uOwijxLXJuo3dI4OBjUG1uoURzKZUazEMHZJ4k9ODZqvYFoxz1Q==
NAH-Cured-Burst_New.png
files.admin.newmarkethealth.com/images
192 KB
192 KB
Image
General
Full URL
https://files.admin.newmarkethealth.com/images/NAH-Cured-Burst_New.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:3e00:15:c44b:a200:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
135a5006bf4c23e1b063a4d94d3004ad12414cfdb8a8dce9c1f3ed38890f5d17

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 05 May 2019 10:35:52 GMT
via
1.1 3abf650c7bf73e47515000bddf3f05c0.cloudfront.net (CloudFront)
age
46186
x-cache
Hit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
196096
last-modified
Thu, 22 Mar 2018 05:39:16 GMT
server
AmazonS3
etag
"fb1efe446ba2e703a2aa900ecc633ecb"
x-amz-version-id
Hkx4T5__vxBMw8eIUL.KRXBWXPzkEEKt
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
kfG231hikWL55JR5f4TGBRDtYAMiWW6K5Ofy4hTwHFTvnFx9ujYbSw==
x-amz-meta-s3b-last-modified
20170131T182545Z
orangefreegift.png
nmhfiles.com/images/uploads
32 KB
32 KB
Image
General
Full URL
https://nmhfiles.com/images/uploads/orangefreegift.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b74e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fd5c4986eeab330c76782100ec85ebce98ab57012fa497efa1a1ea1de184c26d

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:24 GMT
cf-cache-status
HIT
age
1407
x-powered-by
PleskLin
status
200
content-length
32832
last-modified
Wed, 09 Nov 2016 14:46:05 GMT
server
cloudflare
etag
"582336ad-8040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4f5d85bea90a96ce-FRA
expires
Sat, 13 Jul 2019 23:04:24 GMT
ict_cured_ep.png
images.web-purchases.com/Library-1500002
339 KB
340 KB
Image
General
Full URL
https://images.web-purchases.com/Library-1500002/ict_cured_ep.png
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:a00:18:2d84:13c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf549672cba9e0ebd23ec6bbc4e0a44f967d4ad9c0c907edb61feb9fe0bfb947

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
qgXWLoHF4co78YGAgNcqFIaXgmWkVvHh
via
1.1 7b48191d48ad0a2b3616c20acd7fbc1c.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2017 11:42:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1512646704/ctime:1512646703/gid:0/gname:root/md5:c21af8693011141a1113cbeeff1a9b73/mode:33252/mtime:1486482879/uid:0/uname:root
x-amz-cf-pop
FRA50
etag
"c21af8693011141a1113cbeeff1a9b73"
x-cache
RefreshHit from cloudfront
content-type
image/png
status
200
date
Sat, 13 Jul 2019 14:23:34 GMT
x-amz-replication-status
FAILED
accept-ranges
bytes
content-length
347539
x-amz-cf-id
81HuMETuFYSsOROnrm5y0Iaoz_U6fPR_MVlYpCXU4FNxIVLyI0iHEw==
Adblocked analytics.js
www.google-analytics.com
43 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
5811
date
Sat, 13 Jul 2019 17:27:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Sat, 13 Jul 2019 19:27:39 GMT
Adblocked fbevents.js
connect.facebook.net/en_US
53 KB
17 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
657f79c4d5a6ea502202651151811d195b49cf9cf22fd7f8edaeefe2f8cc8fc4
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
16120
x-xss-protection
0
pragma
public
x-fb-debug
ybNxRu7+6DG/HpQIq+/uZ35I7vDY38e09zCPyX6KmkLpC4SJW21VmNQ+SPnWBvXtTaByapzaknApYJ8AUfSMVQ==
x-fb-trip-id
997090344
date
Sat, 13 Jul 2019 19:04:30 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860&slf_rd=1&random=2598180493
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1634133971&t=pageview&_s=1&dl=https%3A%2F%2Fpro.urgenthealthreports.com%2Fp%2FNAH180807A%2FLNAHU993%2F%3Faid%3D171%26sid1%3Dmail070719_azb%26...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_gid=864528148.1563044670&gjid=832591889&_v=j77&z=1413129860
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860&slf_rd=1&random=2598180493
42 B
374 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860&slf_rd=1&random=2598180493
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 13 Jul 2019 19:04:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 13 Jul 2019 19:04:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860&slf_rd=1&random=2598180493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked lio.js
c.lytics.io/api/tag/e2033117b05d33611f34afb61aed4016
45 KB
0
Script
General
Full URL
https://c.lytics.io/api/tag/e2033117b05d33611f34afb61aed4016/lio.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:30 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
5789
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=7200
cf-ray
4f5d85e739e4bedd-FRA
expires
Sat, 13 Jul 2019 21:04:30 GMT
Adblocked nmhlytics.js
nmhfiles.com/lytics
3 KB
1 KB
Script
General
Full URL
https://nmhfiles.com/lytics/nmhlytics.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b74e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
03ff835fbf1eca989c7d09c18f3f67d5ca597e2904b408b585bb0f1581e89051
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:30 GMT
content-encoding
gzip
etag
W/"5b4cab20-b33"
cf-cache-status
HIT
last-modified
Mon, 16 Jul 2018 14:26:40 GMT
server
cloudflare
age
5788
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4f5d85e6fc9a96ce-FRA
expires
Sat, 13 Jul 2019 23:04:30 GMT
E-v1.js
fast.wistia.com/assets/external
564 KB
108 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
09fa03eed5a57c9de1498b1c4fc50791bec0c243d8b49c54d709962f2460a1e8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:30 GMT
content-encoding
br
age
2084
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=0
content-length
109969
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sea1035-SEA, cache-hhn4057-HHN
x-browser-version
74
last-modified
Fri, 12 Jul 2019 18:32:45 GMT
x-timer
S1563044671.570172,VS0,VE0
etag
"5d28d24d-1ad91"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 296
mc2em.js
nmhfiles.com/mc2em
4 KB
1 KB
Script
General
Full URL
https://nmhfiles.com/mc2em/mc2em.js
Requested by
Host: pro.urgenthealthreports.com
URL: https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b74e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8d18fe23b4df4db9caded529c9f013b3eb3c1c31ecb528898c794021649f300c

Request headers

Referer
https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 13 Jul 2019 19:04:30 GMT
content-encoding
gzip
etag
W/"5b75b922-e9c"
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 17:49:22 GMT
server
cloudflare
age
5231
x-powered-by
PleskLin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4f5d85e6fc9b96ce-FRA
expires
Sat, 13 Jul 2019 23:04:30 GMT
qof8hhage3.json?callback=wistiajson1
fast.wistia.com/embed/medias
0
0

wistia-mux.js
fast.wistia.com/assets/external
0
0

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://links.cruisecontroldiet.com/a/1195/click/2996/618400/77390211ad3795d02095d3d93824eb350508fe4a/7cee961b5478c2c4ec079494e0ebe78a0d6b09da
  • http://www.cruisecontroldiet.com/specials/poisonsquad.php?tid=mail070719_azb
  • https://www.cruisecontroldiet.com/specials/poisonsquad.php?tid=mail070719_azb
  • https://tracking.undergroundcures6.com/aff_c?offer_id=1327&aff_id=171&aff_sub=mail070719_azb
  • https://pro.urgenthealthreports.com/m/1071283/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41
  • https://pro.urgenthealthreports.com/p/NAH180807A/LNAHU993/?aid=171&sid1=mail070719_azb&sid2=&sid3=&sid4=&sid5=&oid=1327&tid=10206177fc29f2b730f4c0d2b3ad41&h=true
Request 21
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=1634133971&t=pageview&_s=1&dl=https%3A%2F%2Fpro.urgenthealthreports.com%2Fp%2FNAH180807A%2FLNAHU993%2F%3Faid%3D171%26sid1%3Dmail070719_azb%26...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_gid=864528148.1563044670&gjid=832591889&_v=j77&z=1413129860
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-536812-33&cid=996051433.1563044670&jid=1478451200&_v=j77&z=1413129860&slf_rd=1&random=2598180493

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  • Domain: fast.wistia.com, URL: https://fast.wistia.com/embed/medias/qof8hhage3.json?callback=wistiajson1
  • Domain: fast.wistia.com, URL: https://fast.wistia.com/assets/external/wistia-mux.js

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| dataLayer
  • function| __attachEventHandler
  • function| __detachEventHandler
  • function| __addUnloadEvent
  • function| __sendAjaxPost
  • function| __urlParameters
  • function| __setCookie
  • function| __getCookie
  • function| __getByClassName
  • number| __subscribeNowDelay
  • object| google_tag_manager
  • function| __showElements
  • object| __subscribeNowElements
  • function| __showSubscribeNow
  • object| NREUM
  • object| newrelic
  • function| __nr_require

0 Cookies

6 Console Messages

Each entry lists source, level, location (URL, line, column) and message text.

  • console-api, log, URL: , Line 1, Column 79. Message: Found wistia_embed container.
  • console-api, log, URL: , Line 1, Column 79. Message: Prerequisites ok.
  • console-api, log, URL: , Line 1, Column 79. Message: qof8hhage3
  • console-api, log, URL: , Line 1, Column 79. Message: isSafari: false
  • console-api, log, URL: , Line 1, Column 79. Message: isChrome: no
  • console-api, log, URL: , Line 1, Column 79. Message: [object Object]

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
