pro.nhsreports.org Open in urlscan Pro
192.135.136.169 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thenewslink.net/c/d0c102ad-f8bd-4d01-a65b-a2ff0556122c/1adc5568-1042-43e2-a785-405102cac6bc
Effective URL:
https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Submission: On June 03 via manual (June 3rd 2019, 1:45:01 pm UTC) from US

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 51 HTTP transactions. The main IP is 192.135.136.169, located in United States and belongs to AGORA - Monument & Cathedral Holdings, Inc., US. The main domain is pro.nhsreports.org.
TLS certificate: Issued by Entrust Certification Authority - L1K on November 26th 2018. Valid for: 9 months.

This is the only time pro.nhsreports.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.33.34.84 52.33.34.84	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	35.244.255.50 35.244.255.50	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	54.89.23.188 54.89.23.188	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 5	192.135.136.169 192.135.136.169	11372 (AGORA) (AGORA - Monument & Cathedral Holdings)
1	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
6	151.101.2.110 151.101.2.110	54113 (FASTLY) (FASTLY - Fastly)
7	2600:9000:200... 2600:9000:200c:1400:1:b0bf:f780:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	192.135.136.46 192.135.136.46	11372 (AGORA) (AGORA - Monument & Cathedral Holdings)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2606:4700:20:... 2606:4700:20::6819:5365	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
5	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200c:4400:9:cfaa:a600:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.16.186.18 2.16.186.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.227.192.113 35.227.192.113	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.40.58.131 52.40.58.131	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
1	2a04:4e42:600... 2a04:4e42:600::622	54113 (FASTLY) (FASTLY - Fastly)
3	2.16.186.32 2.16.186.32	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.89.139.175 52.89.139.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.1.125.188 52.1.125.188	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.170.99.177 35.170.99.177	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
51	21

1 52.33.34.84 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-33-34-84.us-west-2.compute.amazonaws.com

thenewslink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.255.50 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 50.255.244.35.bc.googleusercontent.com

www.everclk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.89.23.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-89-23-188.compute-1.amazonaws.com

amorain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.135.136.169 (United States) 2 redirects

ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US)

pro.nhsreports.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.110 (United States)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:200c:1400:1:b0bf:f780:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d13p2xj50zkyqm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.135.136.46 (United States) 2 redirects

ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US)

analytics.pubsvs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.14west.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::6819:5365 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:4400:9:cfaa:a600:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

dizbubza2heg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.18 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-18.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.192.113 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 113.192.227.35.bc.googleusercontent.com

api.lytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.58.131 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-40-58-131.us-west-2.compute.amazonaws.com

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::622 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.32 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com

embedwistia-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.139.175 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-89-139-175.us-west-2.compute.amazonaws.com

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.125.188 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-125-188.compute-1.amazonaws.com

profiles.agorafinancial.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.170.99.177 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-170-99-177.compute-1.amazonaws.com

fg8vvsvnieiv3ej16jby.litix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	lytics.io c.lytics.io api.lytics.io	52 KB
8	cloudfront.net d13p2xj50zkyqm.cloudfront.net dizbubza2heg.cloudfront.net	372 KB
8	wistia.com fast.wistia.com distillery.wistia.com pipedream.wistia.com	202 KB
5	google-analytics.com www.google-analytics.com	18 KB
5	nhsreports.org 2 redirects pro.nhsreports.org	20 KB
4	akamaihd.net embedwistia-a.akamaihd.net	366 KB
2	litix.io fg8vvsvnieiv3ej16jby.litix.io	596 B
2	google.de www.google.de	220 B
2	google.com 2 redirects www.google.com	375 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	323 B
2	nr-data.net bam.nr-data.net	446 B
2	14west.us analytics.14west.us	66 KB
2	pubsvs.com 2 redirects analytics.pubsvs.com	862 B
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	34 KB
1	agorafinancial.com profiles.agorafinancial.com
1	newrelic.com js-agent.newrelic.com	13 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	amorain.com 1 redirects amorain.com	730 B
1	everclk.com 1 redirects www.everclk.com	495 B
1	thenewslink.net 1 redirects thenewslink.net	611 B
51	20

	Domain	Requested by
9	c.lytics.io	pro.nhsreports.org
7	d13p2xj50zkyqm.cloudfront.net	pro.nhsreports.org
6	fast.wistia.com	pro.nhsreports.org
5	www.google-analytics.com	pro.nhsreports.org
5	pro.nhsreports.org	2 redirects pro.nhsreports.org
4	embedwistia-a.akamaihd.net	pro.nhsreports.org
2	fg8vvsvnieiv3ej16jby.litix.io	pro.nhsreports.org
2	www.google.de
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	bam.nr-data.net	pro.nhsreports.org
2	analytics.14west.us	pro.nhsreports.org
2	analytics.pubsvs.com	2 redirects
1	profiles.agorafinancial.com	pro.nhsreports.org
1	pipedream.wistia.com	pro.nhsreports.org
1	distillery.wistia.com	pro.nhsreports.org
1	js-agent.newrelic.com	pro.nhsreports.org
1	api.lytics.io	pro.nhsreports.org
1	dizbubza2heg.cloudfront.net	pro.nhsreports.org
1	www.googletagmanager.com	pro.nhsreports.org
1	fonts.googleapis.com	pro.nhsreports.org
1	ajax.googleapis.com	pro.nhsreports.org
1	amorain.com	1 redirects
1	www.everclk.com	1 redirects
1	thenewslink.net	1 redirects
51	25

This site contains no links.

Subject Issuer	Validity	Valid
ordertracking2.pubsvs.com Entrust Certification Authority - L1K	`2018-11-26` - `2019-08-12`	9 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.14west.us Go Daddy Secure Certificate Authority - G2	`2019-02-08` - `2021-02-08`	2 years	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
ssl379818.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-28` - `2019-12-04`	6 months	crt.sh
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year	crt.sh
*.lytics.io RapidSSL TLS RSA CA G1	`2018-01-26` - `2020-01-06`	2 years	crt.sh
*.wistia.com DigiCert SHA2 Secure Server CA	`2017-03-27` - `2020-06-24`	3 years	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
profiles.agorafinancial.com Go Daddy Secure Certificate Authority - G2	`2019-04-29` - `2021-04-29`	2 years	crt.sh
www.google.de Google Internet Authority G3	`2019-05-14` - `2019-08-06`	3 months	crt.sh
*.litix.io Amazon	`2019-01-22` - `2020-02-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Frame ID: B3A31DB289DF8D8F89947BDE8A2BB337
Requests: 52 HTTP requests in this frame

Frame: https://profiles.agorafinancial.com/iframe.html
Frame ID: 3207C5C612DF5FDBD7E701606C9CD18B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://thenewslink.net/c/d0c102ad-f8bd-4d01-a65b-a2ff0556122c/1adc5568-1042-43e2-a785-405102cac6bc HTTP 302
http://www.everclk.com/4RQSJ/2CTPL1/?sub1=ED_212 HTTP 302
https://amorain.com/?a=359&c=1611&s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a HTTP 302
http://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3= HTTP 302
https://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3= HTTP 301
https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

New Relic (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^NREUM/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^optimizely$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i
env /^Piwik$/i
env /^_paq$/i

Page Statistics

51
Requests

100 %
HTTPS

44 %
IPv6

20
Domains

25
Subdomains

21
IPs

4
Countries

1182 kB
Transfer

2467 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thenewslink.net/c/d0c102ad-f8bd-4d01-a65b-a2ff0556122c/1adc5568-1042-43e2-a785-405102cac6bc HTTP 302
http://www.everclk.com/4RQSJ/2CTPL1/?sub1=ED_212 HTTP 302
https://amorain.com/?a=359&c=1611&s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a HTTP 302
http://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3= HTTP 302
https://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3= HTTP 301
https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://analytics.pubsvs.com/piwik.js HTTP 302
https://analytics.14west.us/piwik.js

Request Chain 28

https://analytics.pubsvs.com/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_id=f3069ca820fac197&_idts=1559569473&_idvc=1&_idn=0&_refts=0&_viewts=1559569473&send_image=1&cookie=1&res=1600x1200&gt_ms=267&pv_id=1ZivWf HTTP 302
https://analytics.14west.us/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_id=f3069ca820fac197&_idts=1559569473&_idvc=1&_idn=0&_refts=0&_viewts=1559569473&send_image=1&cookie=1&res=1600x1200&gt_ms=267&pv_id=1ZivWf

Request Chain 45

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&gjid=897066005&_gid=691218667.1559569474&_u=aHBAgEIRE~&z=1211313995 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995&slf_rd=1&random=269121971

Request Chain 48

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&gjid=688920661&_gid=691218667.1559569474&_u=aPDAgEIRE~&z=998366131 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131&slf_rd=1&random=933652218

51 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/
Redirect Chain

http://thenewslink.net/c/d0c102ad-f8bd-4d01-a65b-a2ff0556122c/1adc5568-1042-43e2-a785-405102cac6bc
http://www.everclk.com/4RQSJ/2CTPL1/?sub1=ED_212
https://amorain.com/?a=359&c=1611&s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a
http://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=
https://pro.nhsreports.org/m/1101720?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=
https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

37 KB
17 KB

264ms
262ms

Document
text/html

192.135.136.169
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.169 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software: /
Resource Hash: f3a9f38208810e27eb3dc465e98c5d9b68313df7ca1f9971dced72932b40fcfe

Request headers

Host: pro.nhsreports.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Cookie: BIGipServerIRIS_PROD_HTTP_POOL=1526792202.20480.0000; 1101720=1267436; BIGipServerIRIS_PROD_HTTPS_POOL=1543569418.47873.0000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: LNHSUB63=; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly
Date: Mon, 03 Jun 2019 13:44:30 GMT
Content-Length: 16836

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Set-Cookie: 1101720=1267436; expires=Sun, 23-Jun-2019 13:44:31 GMT; path=/; HttpOnly BIGipServerIRIS_PROD_HTTPS_POOL=1543569418.47873.0000; path=/; Httponly; Secure
Date: Mon, 03 Jun 2019 13:44:30 GMT
Content-Length: 5691

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:817::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 31 May 2019 20:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236459
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 May 2020 20:03:32 GMT

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 560 KB
107 KB 32ms
8ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

ee79f7d4f38f9e07220d88be22e95b14cce96709b30d3aa8009ed991468ac036

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:31 GMT
content-encoding: br
age: 432
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 109600
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1045-SEA, cache-hhn1529-HHN
x-browser-version: 74
last-modified: Fri, 31 May 2019 20:33:35 GMT
x-timer: S1559569472.506593,VS0,VE0
etag: "5cf18f9f-1ac20"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 141

GET
H/1.1 200
OK Common.js Show response
pro.nhsreports.org/p/Scripts/ 2 KB
1 KB 115ms
112ms Script
application/javascript 192.135.136.169
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.nhsreports.org/p/Scripts/Common.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.169 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software: /
Resource Hash: 40134bb6c4d8e9ef13f8445026ea42decb5bb2b9c279f203b375aa3378de0b9a

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 13:44:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2018 07:05:29 GMT
ETag: "9d768e35f49bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 1136

GET
H/1.1 200
OK HideContent.js Show response
pro.nhsreports.org/p/Scripts/ 724 B
748 B 233ms
116ms Script
application/javascript 192.135.136.169
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.nhsreports.org/p/Scripts/HideContent.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.169 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software: /
Resource Hash: 809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 13:44:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Feb 2018 07:05:29 GMT
ETag: "9d768e35f49bd31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 466

GET
H2 200 promo_function.js Show response
d13p2xj50zkyqm.cloudfront.net/scripts/ 7 KB
2 KB 74ms
8ms Script
application/javascript 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/promo_function.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: f992b384858f2b68b3bef3c49285543174f83d68714aa66def10fdd19aea00b0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 May 2019 20:13:54 GMT
content-encoding: gzip
last-modified: Tue, 14 May 2019 20:10:26 GMT
server: nginx
age: 1704637
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2628000, public
x-amz-cf-id: tr_iJPzietSe1o-dSbEpwrOUr0tQJ4FVNTXzahd46EE--5CV-_vw7A==
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)

GET
H2 200 style1-1.css
d13p2xj50zkyqm.cloudfront.net/scripts/ 34 KB
8 KB 74ms
8ms Stylesheet
text/css 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/style1-1.css
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: adfc25b4faa8c0944fa49110cd85455a7020927eddc7fb04dbbe8da68a57152c

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Mar 2019 01:48:32 GMT
content-encoding: gzip
last-modified: Tue, 06 Nov 2018 17:22:32 GMT
server: nginx
age: 1498303
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=2628000, public
x-amz-cf-id: hohC9Ek4zqXZGDpHCfflW05nRq7SnSeXruXCqY2NpzJeRKfiJBFPdg==
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ 6 KB
733 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:819::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Anton|Roboto:400,700

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7389344d169147c24704d3cca463d0ed46122ebde833603eb779bab0e8ebedc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 03 Jun 2019 13:44:31 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 03 Jun 2019 13:44:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 03 Jun 2019 13:44:31 GMT

GET
H2 200 Gerhauser.jpg
d13p2xj50zkyqm.cloudfront.net/promos_/health/SOL/minddefense_0418/ 10 KB
10 KB 83ms
18ms Image
image/jpeg 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos_/health/SOL/minddefense_0418/Gerhauser.jpg
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8e4e3b4e198e69db44e6f811e85dcc2b3aebd6cc098c7883bdca7667ebefb0c8

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 26 Mar 2019 13:24:52 GMT
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
last-modified: Mon, 23 Apr 2018 15:20:34 GMT
server: nginx
age: 706213
x-powered-by: PleskLin
etag: "2752-56a85944ac469"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 10066
x-amz-cf-id: kbCNuujcuLjBKR8uAkKYozTqzyJqcOZjJ41ChXwXiPuCynMC4t_vjw==

GET
H2 200 BookValueNew.jpg
d13p2xj50zkyqm.cloudfront.net/promos/health/NHS/tabulavita_1018/ 306 KB
307 KB 17ms
15ms Image
image/jpeg 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/health/NHS/tabulavita_1018/BookValueNew.jpg
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8eebced31170986b6669e3d4928b7dc05f8c7de9dd29b028c6ac095905263242

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 May 2019 23:59:58 GMT
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
last-modified: Mon, 10 Dec 2018 15:01:39 GMT
server: nginx
age: 1691072
x-powered-by: PleskLin
etag: "5c0e7fd3-4c81c"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 313372
x-amz-cf-id: UsAhFZ0A-m9XPBDMpx29hl8z-_brTyRGoc2k63UjMNZS5EDN7pSCbA==

GET
H2 200 2step.js Show response
d13p2xj50zkyqm.cloudfront.net/scripts/ 2 KB
1 KB 19ms
8ms Script
application/javascript 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/2step.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a49a67d0051fceb39301472ab95c2f3978c7d64f89f8d3d6025a6257263cfd7a

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 04 Aug 2018 00:36:12 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2016 00:59:52 GMT
server: nginx
age: 1481123
x-powered-by: PleskLin
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=2628000, public
x-amz-cf-id: J_yz_ORwBjjPx_hubXZumogUaresdBkS6w-ON7NGcUPN4rJiXYI66w==
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)

GET
H2 200 NaturalHealthResponse_Footer_52x52.png
d13p2xj50zkyqm.cloudfront.net/promos/health/assets/ 2 KB
2 KB 17ms
16ms Image
image/png 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/promos/health/assets/NaturalHealthResponse_Footer_52x52.png
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 8fb5fac71b40938d2a52abeac77808f717d01fe95b6785e06844144b88ccd109

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 01:15:24 GMT
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
last-modified: Mon, 23 Jan 2017 14:54:03 GMT
server: nginx
age: 2550547
x-powered-by: PleskLin
etag: "5886190b-706"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 1798
x-amz-cf-id: gPkc7AK2c5Rb7aZV4jwVj1kmA3KcOXXH4me9B6_UoOQUdS3m3E-Bpw==

GET
H/1.1

200
OK

piwik.js Show response
analytics.14west.us/
Redirect Chain

https://analytics.pubsvs.com/piwik.js
https://analytics.14west.us/piwik.js

66 KB
66 KB

498ms
111ms

Script
application/javascript

192.135.136.46
Monument & Cathed...

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.14west.us/piwik.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.46 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software: Apache/2.4.6 /
Resource Hash: e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 13:44:32 GMT
Last-Modified: Wed, 08 May 2019 13:02:24 GMT
Server: Apache/2.4.6
ETag: "106ad-5885ff1d80b2d"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 67245

Redirect headers

Location: https://analytics.14west.us/piwik.js
Date: Mon, 03 Jun 2019 13:44:32 GMT
Server: Apache/2.4.6
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 220
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
39 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:808::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MCZN9XW

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

807645e5f1d8fadf8757a382045e90b6d98bf3d0b878e34dacd5b580ca49c351

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:31 GMT
content-encoding: br
last-modified: Fri, 31 May 2019 13:49:13 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 39753
x-xss-protection: 0
expires: Mon, 03 Jun 2019 13:44:31 GMT

GET
H2 200 main-bg.jpg
d13p2xj50zkyqm.cloudfront.net/scripts/assets/ 2 KB
3 KB 12ms
9ms Image
image/jpeg 2600:9000:200c:1400:1:b0bf:f780:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d13p2xj50zkyqm.cloudfront.net/scripts/assets/main-bg.jpg
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:1400:1:b0bf:f780:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: b76e9e06bdb8b3dee077964fb96005b5d6fdf5c6511965f4b65daa848715ffb7

Request headers

Referer: https://d13p2xj50zkyqm.cloudfront.net/scripts/style1-1.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Mar 2018 19:36:24 GMT
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)
last-modified: Fri, 16 Mar 2018 16:44:50 GMT
server: nginx
age: 2355305
x-powered-by: PleskLin
etag: "5aabf482-8c5"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 2245
x-amz-cf-id: 2e23VNk4W7L0siOrubUofrtl1g0T5LJXt51zUnNYXzcvn3FUcNcHQQ==

GET
H2 200 lio.js Show response
c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/ 45 KB
11 KB 223ms
148ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/tag/7633a10cce24ede709377546c8e3146d/lio.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34da416c63acbcf01c439bd1ec4a93c300f2ce4d8e5a53190e3fde6448a960d9

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4e121a303c3fd6f1-FRA
expires: Mon, 03 Jun 2019 17:44:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 May 2019 23:53:44 GMT
server: Golfe2
age: 716
date: Mon, 03 Jun 2019 13:32:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17595
expires: Mon, 03 Jun 2019 15:32:35 GMT

GET
H2 200 profiles.compressed.js Show response
dizbubza2heg.cloudfront.net/js/ 38 KB
39 KB 97ms
12ms Script
application/x-javascript 2600:9000:200c:4400:9:cfaa:a600:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dizbubza2heg.cloudfront.net/js/profiles.compressed.js?v=2.0.0
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:4400:9:cfaa:a600:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 109c73b011c95b865581c41947bbc38873875e5ee822f66d8af83b7610f55a28

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 02 Jun 2019 15:37:00 GMT
via: 1.1 412049da39a44d4e9af054ecc17534dd.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2019 16:43:06 GMT
server: nginx/1.4.6 (Ubuntu)
age: 100921
etag: "5cd1b59a-99b8"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 39352
x-amz-cf-id: fJ2ff2iv3h0hnMQ4B-n_EwnlG02VkC9XEuk0CdyCeLDpdb3NF0_H3A==

GET
H2 200 8wg2ntwwbb.json Show response
fast.wistia.com/embed/medias/ 5 KB
2 KB 11ms
8ms Script
text/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/8wg2ntwwbb.json?callback=wistiajson1

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a19b798bf26b58f4171ee457f96adb549d6762414dc6d27674a990ba31ceb0e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9620
x-cache: MISS, HIT, HIT
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
status: 200
strict-transport-security: max-age=0
content-length: 1506
via: 1.1 varnish, 1.1 varnish
x-request-id: 7e90ede7e44afaedb50a1661e24ef565
x-served-by: cache-sea1021-SEA, cache-hhn1529-HHN
x-runtime: 0.105550
x-browser-version: 74
x-timer: S1559569472.143858,VS0,VE1
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, no-cache
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
link: <https://embedwistia-a.akamaihd.net>; rel=preconnect; crossorigin
x-cache-hits: 0, 3, 1

GET
H2 200 wistia-mux.js Show response
fast.wistia.com/assets/external/ 92 KB
24 KB 18ms
18ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistia-mux.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

1d68546d949cc52c30a932446cc56a9f475e62c65c302df430e77342f1bb588b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
content-encoding: br
age: 432
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 24832
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1024-SEA, cache-hhn1529-HHN
x-browser-version: 74
last-modified: Fri, 31 May 2019 20:33:35 GMT
x-timer: S1559569472.144036,VS0,VE0
etag: "5cf18f9f-6100"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 94

GET
H/1.1 200
OK b254be486b5d6f50599329fb7ee4bc86.jpg
embedwistia-a.akamaihd.net/deliveries/ 10 KB
11 KB 168ms
31ms Image
image/jpeg 2.16.186.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embedwistia-a.akamaihd.net/deliveries/b254be486b5d6f50599329fb7ee4bc86.jpg?image_crop_resized=640x360
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.18 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-18.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: f973aa9828bcd0c9f55ed0ad8e081059d1bee80112125eaf832446c295e7ac23

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: wMKdmCucC6OMtQIsHXWin0uFF5E.676o
Access-Control-Request-Method: *
Content-Disposition: inline
Connection: keep-alive
Content-Length: 10524
X-Served-By: bakeryaws-breadroute-dosa,bakeryaws-prime-nimrod
Last-Modified: Mon, 03 Dec 2018 17:46:02 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Mon, 03 Jun 2019 13:44:32 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=16421073
x-amz-tagging-count: 1
Accept-Ranges: bytes

GET
H2 200 io.min.js Show response
c.lytics.io/static/v2/ 13 KB
6 KB 13ms
12ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/v2/io.min.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 29 May 2019 20:26:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4e121a32eda8d6f1-FRA
expires: Mon, 03 Jun 2019 17:44:32 GMT

GET
H2 200 7633a10cce24ede709377546c8e3146d
c.lytics.io/c/ 35 B
293 B 125ms
125ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d?pubpromo=NHS&_ts=1559569472507&_nmob=t&_device=desktop&url=pro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_v=2.0.0&_e=pv&_sesstart=1&_tz=0&_ul=en-US&_sz=1600x1200&_uid=100442.9137830764&_getid=t&_ca=jstag1
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4e121a335f0ed6f1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 100442.9137830764 Show response
api.lytics.io/api/me/7633a10cce24ede709377546c8e3146d/_uid/ 99 B
334 B 179ms
119ms Script
application/json 35.227.192.113
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lytics.io/api/me/7633a10cce24ede709377546c8e3146d/_uid/100442.9137830764?segments=true&callback=window.lio.segmentscb&ts=1559569472534
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.192.113 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 113.192.227.35.bc.googleusercontent.com
Software: lytics.io 9bb8df1ac1 /
Resource Hash: e395ed4bbb1e12ddcc64d9d0c493bf19142d00c3d90079080a80b1ee1539515e

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
content-encoding: gzip
alt-svc: clear
server: lytics.io 9bb8df1ac1
access-control-allow-origin
access-control-allow-methods: GET
content-type: application/json
status: 200
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Cookie, *
content-length: 112
via: 1.1 google

GET
H2 200 7633a10cce24ede709377546c8e3146d
c.lytics.io/c/ 35 B
94 B 135ms
134ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d?_ts=1559569472527&_nmob=t&_device=desktop&url=pro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_uid=100442.9137830764&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4e121a336f45d6f1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 default
c.lytics.io/c/7633a10cce24ede709377546c8e3146d/ 35 B
94 B 134ms
133ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d/default?gtm.start=1559569471735&event=gtm.js&gtm.uniqueEventId=0&_ts=1559569472530&_nmob=t&_device=desktop&url=pro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_uid=100442.9137830764&_getid=t&_v=2.0.0&_ca=jstag1
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4e121a336f46d6f1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 pathfora.min.js Show response
c.lytics.io/static/ 98 KB
20 KB 28ms
27ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 29 May 2019 20:26:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4e121a348b1bd6f1-FRA
expires: Mon, 03 Jun 2019 17:44:32 GMT

GET
H2 200 pathfora.min.css
c.lytics.io/static/ 20 KB
3 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/static/pathfora.min.css
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:32 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 29 May 2019 20:26:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4e121a34cc09d6f1-FRA
expires: Mon, 03 Jun 2019 17:44:32 GMT

GET
H2 200 config.js Show response
c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/ 72 KB
11 KB 332ms
332ms Script
application/javascript 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lytics.io/api/program/campaign/config/7633a10cce24ede709377546c8e3146d/config.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577c853d455a5ffffa17dc2a4a7d4c38e6500a7f200d3b7d036abe39c86307b0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:33 GMT
via: 1.1 google
cf-cache-status: EXPIRED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 4e121a34cc0bd6f1-FRA
expires: Mon, 03 Jun 2019 17:44:33 GMT

GET
H/1.1

200
OK

piwik.php
analytics.14west.us/
Redirect Chain

https://analytics.pubsvs.com/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D...
https://analytics.14west.us/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D2...

43 B
377 B

293ms
284ms

Image
image/gif

192.135.136.46
Monument & Cathed...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.14west.us/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_id=f3069ca820fac197&_idts=1559569473&_idvc=1&_idn=0&_refts=0&_viewts=1559569473&send_image=1&cookie=1&res=1600x1200&gt_ms=267&pv_id=1ZivWf
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.135.136.46 , United States, ASN11372 (AGORA - Monument & Cathedral Holdings, Inc., US),
Reverse DNS
Software: Apache/2.4.6 / PHP/7.1.26
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 03 Jun 2019 13:44:33 GMT
Server: Apache/2.4.6
X-Powered-By: PHP/7.1.26
Vary: Origin
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store
Transfer-Encoding: chunked
Connection: Keep-Alive
Access-Control-Allow-Credentials: true
Keep-Alive: timeout=5, max=99

Redirect headers

Location: https://analytics.14west.us/piwik.php?action_name=pro.nhsreports.org%2F&idsite=37&rec=1&r=830739&h=13&m=44&s=33&url=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_id=f3069ca820fac197&_idts=1559569473&_idvc=1&_idn=0&_refts=0&_viewts=1559569473&send_image=1&cookie=1&res=1600x1200&gt_ms=267&pv_id=1ZivWf
Date: Mon, 03 Jun 2019 13:44:33 GMT
Server: Apache/2.4.6
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 653
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 nr-spa-1123.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 8ms
7ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1123.min.js
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:33 GMT
content-encoding: gzip
x-amz-request-id: 1FF490D69935631D
x-cache: HIT
status: 200
content-length: 12987
x-amz-id-2: +9kidfSDfWwnnMGkIHuHBOCIhyiwcGNczZKhABkVC6KRLxg4IgG49oJD8ae4l4oWoQLPjaU3RVs=
x-served-by: cache-hhn1529-HHN
last-modified: Fri, 22 Mar 2019 14:06:17 GMT
server: AmazonS3
x-timer: S1559569474.549083,VS0,VE0
etag: "73372dea50ae4e01a4e1d2f2b5cd5e6a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6492

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 285 KB
62 KB 10ms
7ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

c506095d7103dd693a8d9327570eb0692c4bbb0c63ef0043ed76a85651ab25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:33 GMT
content-encoding: br
age: 430
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 63684
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1030-SEA, cache-hhn1529-HHN
x-browser-version: 74
last-modified: Fri, 31 May 2019 20:33:35 GMT
x-timer: S1559569474.558775,VS0,VE0
etag: "5cf18f9f-f8c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 65

POST
H2 204 x Show response
distillery.wistia.com/ 0
96 B 544ms
173ms XHR
text/plain 52.40.58.131
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.40.58.131 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-40-58-131.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 03 Jun 2019 13:44:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: *

GET
H/1.1 200
OK 65387c3314 Show response
bam.nr-data.net/1/ 57 B
261 B 106ms
105ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/65387c3314?a=46346808,5284047&v=1123.df1c7f8&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=5010&ref=https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/&ap=47&be=2930&fe=4989&dc=3270&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1559569468554,%22n%22:0,%22f%22:2649,%22dn%22:2649,%22dne%22:2649,%22c%22:2649,%22ce%22:2649,%22rq%22:2651,%22rp%22:2913,%22rpe%22:2918,%22dl%22:2921,%22di%22:3269,%22ds%22:3271,%22de%22:3285,%22dc%22:4988,%22l%22:4989,%22le%22:5005%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/javascript;charset=ISO-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 33ms
6ms Image
image/gif 2a04:4e42:600::622
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::622 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org

Response headers

date: Mon, 03 Jun 2019 13:44:33 GMT
via: 1.1 varnish, 1.1 varnish
age: 234439
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 1214
x-served-by: cache-sea1020-SEA, cache-fra19179-FRA
x-browser-version: 74
last-modified: Fri, 31 May 2019 19:11:32 GMT
x-timer: S1559569474.687999,VS0,VE0
etag: "5cf17c64-4be"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 7379

GET
H/1.1 200
OK aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.bin Show response
embedwistia-a.akamaihd.net/deliveries/ 160 KB
161 KB 111ms
38ms XHR
application/x-mpegurl 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.bin
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 02703d1b3b49c7515c9fc0f54a4af9cd23da88a6da64958c369e25a2e3ee8510

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org

Response headers

x-amz-version-id: 5FLLxjOz.DK8b5GVXTMzpfH6_cL13Emm
Access-Control-Request-Method: *
Last-Modified: Mon, 03 Dec 2018 17:48:59 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Mon, 03 Jun 2019 13:44:33 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=28617870
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 163998
X-Served-By: bakeryaws-breadroute-potbrood,bakeryaws-prime-stryker

OPTIONS
H/1.1 200
OK aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 0
0 26ms
25ms XHR
text/html 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.ts
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://pro.nhsreports.org
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: range

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Range
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, HEAD, OPTIONS

GET
H/1.1 206
Partial Content aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.ts Show response
embedwistia-a.akamaihd.net/deliveries/ 194 KB
195 KB 55ms
52ms XHR
video/mp2t 2.16.186.32
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://embedwistia-a.akamaihd.net/deliveries/aa9cfe1eea451de0d584ea14fa34a561f9f2ebbe.ts
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-32.deploy.static.akamaitechnologies.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 1f96131c3e511e745906ea1a66b890cd9445f9550af127c042a3099b09942766

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-198527

Response headers

x-amz-version-id: _sgkDYRTFL173mJxxoaXhSWPcz1FFHXu
Access-Control-Request-Method: *
Last-Modified: Mon, 03 Dec 2018 17:48:59 GMT
Server: nginx/1.4.6 (Ubuntu)
Date: Mon, 03 Jun 2019 13:44:33 GMT
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
Cache-Control: max-age=28640429
Content-Range: bytes 0-198527/192157244
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 198528
X-Served-By: bakeryaws-breadroute-dosa,bakeryaws-prime-nimrod

POST
H/1.1 200
OK 65387c3314 Show response
bam.nr-data.net/events/1/ 24 B
185 B 106ms
105ms XHR
image/gif 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/65387c3314?a=46346808,5284047&v=1123.df1c7f8&to=YANVZUdYDxFXW0UMWllJemd2FiINWExUC0F0CVlFR1YNDlNKHilaVgJ0XltNBAxC&rst=5557&ref=https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://pro.nhsreports.org
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
207 B 578ms
161ms XHR
text/html 52.89.139.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://pipedream.wistia.com/mput?topic=metrics

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.139.175 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-89-139-175.us-west-2.compute.amazonaws.com

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 03 Jun 2019 13:44:34 GMT
x-content-type-options: nosniff
status: 200
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: *
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK iframe.html
profiles.agorafinancial.com/ Frame 3207 0
0 468ms
97ms Document
text/html 52.1.125.188
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://profiles.agorafinancial.com/iframe.html
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.125.188 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-125-188.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash

Request headers

Host: profiles.agorafinancial.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Mon, 03 Jun 2019 13:44:34 GMT
Content-Type: text/html
Last-Modified: Thu, 01 Mar 2018 14:43:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
826 B 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:01:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2605
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 735
x-xss-protection: 0
expires: Mon, 03 Jun 2019 14:01:09 GMT

GET
H2 200 default
c.lytics.io/c/7633a10cce24ede709377546c8e3146d/ 35 B
117 B 126ms
126ms Image
image/gif 2606:4700:20::6819:5365
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.lytics.io/c/7633a10cce24ede709377546c8e3146d/default?profilesUserId=&loggedIn=&author=&postCategory=&postTags=&postType=&timestamp=1559569474&afidAccountType=&_ts=1559569474375&_nmob=t&_device=desktop&url=pro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&_uid=100442.9137830764&_getid=t&_v=2.0.0&_ca=jstag1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:5365 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:34 GMT
via: 1.1 google
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 4e121a3eefedd6f1-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Cookie, *
content-length: 35
expires: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
98 B 35ms
20ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1734900092&t=pageview&_s=1&dl=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&ul=en-us&de=UTF-8&dt=You%E2%80%99re%20about%20to%20see%20a%20shocking%20discovery%20that%20dates%20back%204%2C365%20years%E2%80%A6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAgEIRE~&jid=1485300272&gjid=897066005&cid=1879393513.1559569474&uid=&tid=UA-304800-65&_gid=691218667.1559569474&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd9=1559569474&cd10=&z=2118132372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 02:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39387
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&gjid=897066005&_gid=691218667.1559569474&_u=aHBAgEIRE~&z=1211313995
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995&slf_rd=1&random=269121971

42 B
110 B

33ms
31ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995&slf_rd=1&random=269121971

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:34 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-304800-65&cid=1879393513.1559569474&jid=1485300272&_v=j76&z=1211313995&slf_rd=1&random=269121971
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 19 KB
4 KB 28ms
13ms Script
application/javascript 151.101.2.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.110 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

3d3fb63793b527495bf9af1ee2f0a40540bc4f6fd9a8e2122079a68356834f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 03 Jun 2019 13:44:34 GMT
content-encoding: br
age: 432
x-cache: HIT, HIT
status: 200
strict-transport-security: max-age=0
content-length: 4284
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-sea1023-SEA, cache-hhn1529-HHN
x-browser-version: 74
last-modified: Fri, 31 May 2019 20:33:35 GMT
x-timer: S1559569475.574518,VS0,VE0
etag: "5cf18f9f-10bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 76

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 9ms
7ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1734900092&t=pageview&_s=1&dl=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&ul=en-us&de=UTF-8&dt=You%E2%80%99re%20about%20to%20see%20a%20shocking%20discovery%20that%20dates%20back%204%2C365%20years%E2%80%A6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aPDAgEIRE~&jid=1263203691&gjid=688920661&cid=1583671040.1559569475&uid=&tid=UA-3366695-18&_gid=691218667.1559569474&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd9=1559569475&cd10=&cd1=pro.nhsreports.org&z=230197295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 02:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39387
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j76&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&gjid=688920661&_gid=691218667.1559569474&_u=aPDAgEIRE~&z=998366131
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131&slf_rd=1&random=933652218

42 B
110 B

23ms
18ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131&slf_rd=1&random=933652218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:35 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jun 2019 13:44:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3366695-18&cid=1583671040.1559569475&jid=1263203691&_v=j76&z=998366131&slf_rd=1&random=933652218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 16ms
15ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j76&a=1734900092&t=timing&_s=2&dl=https%3A%2F%2Fpro.nhsreports.org%2Fp%2FNHS_tabulavita_1018%2FLNHSUB63%2F%3Fs1%3D28%26s2%3D32b5d671a20445a3b0c0d843c4ae748a%26s3%3D%26h%3Dtrue&ul=en-us&de=UTF-8&dt=You%E2%80%99re%20about%20to%20see%20a%20shocking%20discovery%20that%20dates%20back%204%2C365%20years%E2%80%A6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4989&pdt=5&dns=0&rrt=2649&srt=262&tcp=0&dit=3269&clt=3271&_gst=3393&_gbt=3413&_u=aPDAgEIRE~&jid=&gjid=&cid=1583671040.1559569475&uid=&tid=UA-3366695-18&_gid=691218667.1559569474&cd2=&cd3=&cd4=&cd5=&cd6=&cd7=&cd9=1559569475&cd10=&cd1=pro.nhsreports.org&z=132839619

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jun 2019 02:48:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39387
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 0
247 B 553ms
101ms XHR
text/plain 35.170.99.177
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by: Host: pro.nhsreports.org
URL: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.99.177 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-99-177.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://pro.nhsreports.org
Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jun 2019 13:44:39 GMT
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 0
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: POST, GET

POST
H/1.1 200
OK / Show response
fg8vvsvnieiv3ej16jby.litix.io/ 43 B
349 B 103ms
102ms XHR
image/gif 35.170.99.177
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://fg8vvsvnieiv3ej16jby.litix.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.99.177 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-99-177.compute-1.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1=28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true
Origin: https://pro.nhsreports.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Mon, 03 Jun 2019 13:44:39 GMT
Access-Control-Allow-Methods: POST, GET
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pro.nhsreports.org/	1970-01-19 01:12:51	Name: _pk_ses.37.4376 Value: 1
pro.nhsreports.org/	1970-01-19 09:58:25	Name: PathforaTest_c0c1e4434690c852e2951a96a59e8c28 Value: 0.9685780204115231
pro.nhsreports.org/	1970-01-19 01:12:50	Name: ly_segs Value: %7B%22all%22%3A%22all%22%2C%22not_found%22%3A%22not_found%22%7D
.pro.nhsreports.org/	1970-01-19 03:22:25	Name: seerid Value: 100442.9137830764
pro.nhsreports.org/	1970-01-19 09:58:25	Name: PathforaPageView Value: 1
.pro.nhsreports.org/	1970-01-19 01:12:51	Name: seerses Value: e
.nhsreports.org/	1970-01-19 03:22:25	Name: seerid Value: 100442.9137830764
.nhsreports.org/	1970-01-19 01:12:51	Name: seerses Value: e
pro.nhsreports.org/	1970-01-19 09:58:25	Name: __distillery Value: b2768e5_8fd5f6c0-345c-471b-919e-f75d6191675a-d04e4e976-82427398fe1d-0116
pro.nhsreports.org/	1978-01-11 21:31:40	Name: LNHSUB63 Value:
pro.nhsreports.org/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTP_POOL Value: 1526792202.20480.0000
pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63	1970-01-19 09:58:25	Name: https://pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63/?s1 Value: 28&s2=32b5d671a20445a3b0c0d843c4ae748a&s3=&h=true=visited
pro.nhsreports.org/	1970-01-19 10:38:44	Name: _pk_id.37.4376 Value: f3069ca820fac197.1559569473.1.1559569473.1559569473.
pro.nhsreports.org/	1970-01-19 01:41:37	Name: 1101720 Value: 1267436
pro.nhsreports.org/	1969-12-31 23:59:59	Name: BIGipServerIRIS_PROD_HTTPS_POOL Value: 1543569418.47873.0000
pro.nhsreports.org/p/NHS_tabulavita_1018/LNHSUB63	1969-12-31 23:59:59	Name: loglevel Value: WARN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amorain.com
analytics.14west.us
analytics.pubsvs.com
api.lytics.io
bam.nr-data.net
c.lytics.io
d13p2xj50zkyqm.cloudfront.net
distillery.wistia.com
dizbubza2heg.cloudfront.net
embedwistia-a.akamaihd.net
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.googleapis.com
js-agent.newrelic.com
pipedream.wistia.com
pro.nhsreports.org
profiles.agorafinancial.com
stats.g.doubleclick.net
thenewslink.net
www.everclk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
151.101.2.110
162.247.242.19
192.135.136.169
192.135.136.46
2.16.186.18
2.16.186.32
2600:9000:200c:1400:1:b0bf:f780:21
2600:9000:200c:4400:9:cfaa:a600:21
2606:4700:20::6819:5365
2a00:1450:4001:808::2008
2a00:1450:4001:814::200e
2a00:1450:4001:817::200a
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2003
2a00:1450:400c:c06::9b
2a04:4e42:600::622
35.170.99.177
35.227.192.113
35.244.255.50
52.1.125.188
52.33.34.84
52.40.58.131
52.89.139.175
54.89.23.188
02703d1b3b49c7515c9fc0f54a4af9cd23da88a6da64958c369e25a2e3ee8510
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
109c73b011c95b865581c41947bbc38873875e5ee822f66d8af83b7610f55a28
1d68546d949cc52c30a932446cc56a9f475e62c65c302df430e77342f1bb588b
1f96131c3e511e745906ea1a66b890cd9445f9550af127c042a3099b09942766
2904791a3d21ac418c20883cb50a3f5923f1600fe9793cf7662a98f0cc9a2e00
34da416c63acbcf01c439bd1ec4a93c300f2ce4d8e5a53190e3fde6448a960d9
3d3fb63793b527495bf9af1ee2f0a40540bc4f6fd9a8e2122079a68356834f09
40134bb6c4d8e9ef13f8445026ea42decb5bb2b9c279f203b375aa3378de0b9a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
577c853d455a5ffffa17dc2a4a7d4c38e6500a7f200d3b7d036abe39c86307b0
58aa5964d6f5dc68b2180e943ea63b6031c0ba83e44d9815e724b10f2f615f9f
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7389344d169147c24704d3cca463d0ed46122ebde833603eb779bab0e8ebedc6
807645e5f1d8fadf8757a382045e90b6d98bf3d0b878e34dacd5b580ca49c351
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e4e3b4e198e69db44e6f811e85dcc2b3aebd6cc098c7883bdca7667ebefb0c8
8eebced31170986b6669e3d4928b7dc05f8c7de9dd29b028c6ac095905263242
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
8fb5fac71b40938d2a52abeac77808f717d01fe95b6785e06844144b88ccd109
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a19b798bf26b58f4171ee457f96adb549d6762414dc6d27674a990ba31ceb0e7
a49a67d0051fceb39301472ab95c2f3978c7d64f89f8d3d6025a6257263cfd7a
a6c380163cfb4ec488d8231f891ae8deaa8d82ae8c18ba3a6d6a3b2168b3d1ef
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
adfc25b4faa8c0944fa49110cd85455a7020927eddc7fb04dbbe8da68a57152c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2435070f04e40c2666a729a016c60355b2025c969c3b7857489b7c8b2755bc2
b76e9e06bdb8b3dee077964fb96005b5d6fdf5c6511965f4b65daa848715ffb7
c506095d7103dd693a8d9327570eb0692c4bbb0c63ef0043ed76a85651ab25b6
e395ed4bbb1e12ddcc64d9d0c493bf19142d00c3d90079080a80b1ee1539515e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
ee79f7d4f38f9e07220d88be22e95b14cce96709b30d3aa8009ed991468ac036
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a9f38208810e27eb3dc465e98c5d9b68313df7ca1f9971dced72932b40fcfe
f973aa9828bcd0c9f55ed0ad8e081059d1bee80112125eaf832446c295e7ac23
f992b384858f2b68b3bef3c49285543174f83d68714aa66def10fdd19aea00b0

pro.nhsreports.org Open in urlscan Pro 192.135.136.169 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

44 %IPv6

20 Domains

25 Subdomains

21 IPs

4 Countries

1182 kBTransfer

2467 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pro.nhsreports.org Open in urlscan Pro
192.135.136.169 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

44 %
IPv6

20
Domains

25
Subdomains

21
IPs

4
Countries

1182 kB
Transfer

2467 kB
Size

16
Cookies

51 HTTP transactions
2 data transactions