www.nmshealth.com Open in urlscan Pro
2606:4700:3036::681b:be24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.nmshealth.com/
Effective URL:
https://www.nmshealth.com/
Submission: On April 02 via manual (April 2nd 2020, 6:18:37 pm UTC) from US

Summary HTTP 76 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 24 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3036::681b:be24, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nmshealth.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on December 4th 2019. Valid for: 10 months.

This is the only time www.nmshealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	2606:4700:303... 2606:4700:3036::681b:be24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
2	13.224.191.114 13.224.191.114	16509 (AMAZON-02) (AMAZON-02)
15	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
2	52.216.169.61 52.216.169.61	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	2600:9000:20e... 2600:9000:20eb:2e00:16:bdf:6400:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:14ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE)
1	13.225.87.138 13.225.87.138	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	72.247.224.84 72.247.224.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:10c... 2a02:26f0:10c:39e::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2a05:f500:11:... 2a05:f500:11:101::b93f:9001	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	104.108.3.214 104.108.3.214	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	34.250.196.193 34.250.196.193	16509 (AMAZON-02) (AMAZON-02)
76	28

7 2606:4700:3036::681b:be24 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.nmshealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.191.114 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-114.fra2.r.cloudfront.net

api.mapbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a04:4e42:1b::720 (Ascension Island)

ASN54113 (FASTLY, US)

nmshealth.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.169.61 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

seal-newjersey.bbb.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:2e00:16:bdf:6400:21 (United States)

ASN16509 (AMAZON-02, US)

dpt083jckk2hc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:14ef (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.138 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-138.fra2.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.247.224.84 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-224-84.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:11:101::b93f:9001 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.108.3.214 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-3-214.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.196.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-196-193.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	imgix.net nmshealth.imgix.net	670 KB
7	gstatic.com fonts.gstatic.com	81 KB
7	nmshealth.com 1 redirects www.nmshealth.com	185 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	130 KB
5	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	75 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
4	cloudfront.net dpt083jckk2hc.cloudfront.net dnn506yrbagrg.cloudfront.net	373 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	youtube.com www.youtube.com img.youtube.com	135 KB
3	google.com 1 redirects adservice.google.com www.google.com	483 B
3	google.de adservice.google.de www.google.de	390 B
2	facebook.com www.facebook.com	396 B
2	facebook.net connect.facebook.net	142 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	pingdom.net rum-static.pingdom.net rum-collector-2.pingdom.net	3 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	amazonaws.com s3.amazonaws.com	465 KB
2	mapbox.com api.mapbox.com	165 KB
2	googletagmanager.com www.googletagmanager.com	49 KB
1	ytimg.com s.ytimg.com	14 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	bbb.org seal-newjersey.bbb.org	378 B
76	24

	Domain	Requested by
15	nmshealth.imgix.net	www.nmshealth.com pagead2.googlesyndication.com
7	fonts.gstatic.com	pagead2.googlesyndication.com www.nmshealth.com dpt083jckk2hc.cloudfront.net
7	www.nmshealth.com	1 redirects www.nmshealth.com pagead2.googlesyndication.com
4	pagead2.googlesyndication.com	www.nmshealth.com pagead2.googlesyndication.com
3	secure.livechatinc.com	cdn.livechatinc.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
3	dpt083jckk2hc.cloudfront.net	www.nmshealth.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.facebook.com	www.nmshealth.com
2	px.ads.linkedin.com	1 redirects www.nmshealth.com
2	www.youtube.com	dpt083jckk2hc.cloudfront.net s.ytimg.com
2	cdn.livechatinc.com	www.nmshealth.com
2	connect.facebook.net	www.nmshealth.com connect.facebook.net
2	www.google.de	www.nmshealth.com
2	www.google.com	1 redirects www.nmshealth.com
2	www.google-analytics.com	1 redirects www.nmshealth.com
2	fonts.googleapis.com	www.nmshealth.com
2	s3.amazonaws.com	www.nmshealth.com
2	api.mapbox.com	www.nmshealth.com
2	www.googletagmanager.com	www.nmshealth.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	s.ytimg.com	www.youtube.com
1	www.linkedin.com	1 redirects
1	img.youtube.com	www.nmshealth.com
1	snap.licdn.com	www.nmshealth.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	1 redirects
1	dnn506yrbagrg.cloudfront.net	www.nmshealth.com
1	www.googleadservices.com	www.googletagmanager.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	rum-static.pingdom.net	www.nmshealth.com
1	seal-newjersey.bbb.org	www.nmshealth.com
76	33

This site contains links to these domains. Also see Links.

Domain
www.healthpod.io
healthpod.io
nmshealth.com
www.bbb.org
facebook.com
twitter.com
plus.google.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
api.mapbox.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-08-20` - `2020-08-20`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.bbb.org RapidSSL RSA CA 2018	`2018-01-30` - `2020-07-02`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.pingdom.net DigiCert SHA2 High Assurance Server CA	`2019-11-08` - `2021-01-19`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.livechatinc.com DigiCert ECC Secure Server CA	`2019-02-10` - `2020-05-11`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-04` - `2020-09-04`	6 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.nmshealth.com/
Frame ID: E9FDB308225F9DA7D2CCA18FF6090491
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200331/r20190131/zrt_lookup.html
Frame ID: 29AFADF54C8AD76CDB456F13B21B10D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2174574310713544&output=html&adk=1812271804&adf=3025194257&lmt=1585851497&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.nmshealth.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585851497496&bpp=26&bdt=755&fdt=155&idt=155&shv=r20200331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8339245019978&frm=20&pv=2&ga_vid=1146512650.1585851498&ga_sid=1585851498&ga_hid=543365730&ga_fc=0&iag=0&icsg=8397440&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530312%2C368226500&oid=3&pvsid=2360914759650083&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=171
Frame ID: 199092E06B2D0FEA4AB375A03986CCF5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/78fVBStC14E?autohide=1&rel=0&autoplay=0&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fwww.nmshealth.com&widgetid=1
Frame ID: 25D5ABB4A6FFE2A7C23F86BAB031B871
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/78fVBStC14E?autohide=1&rel=0&autoplay=0&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fwww.nmshealth.com&widgetid=1
Frame ID: 8D99ECCA2327A5CE0D693C2552A13373
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/11361322/v2/open_chat.cgi?license=11361322&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 790C9C93804B2380D533C50D7761556C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 54CBB08C72AA30BF4A1EF7ED6110EF01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.nmshealth.com/ HTTP 302
https://www.nmshealth.com/ Page URL

Detected technologies

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.livechatinc\.com\/.*tracking\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

76
Requests

99 %
HTTPS

76 %
IPv6

24
Domains

33
Subdomains

28
IPs

7
Countries

2547 kB
Transfer

4437 kB
Size

11
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthpod.io/
Title: Login

Search URL Search Domain Scan URL

URL: https://healthpod.io/
Title: pod Log In

Search URL Search Domain Scan URL

URL: https://nmshealth.com/sign-up
Title: Learn More

Search URL Search Domain Scan URL

URL: https://www.bbb.org/new-jersey/business-reviews/clinic/national-medical-systems-in-hamilton-nj-90181065/#sealclick

Search URL Search Domain Scan URL

URL: https://facebook.com/NationalMedicalSystems
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/NatMedSystems
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+NmshealthNatMed
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/1388142/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.nmshealth.com/ HTTP 302
https://www.nmshealth.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=543365730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nmshealth.com%2F&ul=en-us&de=UTF-8&dt=Employee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=930088088&gjid=1982924993&cid=1146512650.1585851498&tid=UA-7614031-1&_gid=1426660076.1585851498&_r=1&z=192713397 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_gid=1426660076.1585851498&gjid=1982924993&_v=j81&z=192713397 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397&slf_rd=1&random=2878372647

Request Chain 61

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D574634%26url%3Dhttps%253A%252F%252Fwww.nmshealth.com%252F%26time%3D1585851497865%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865&liSync=true

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nmshealth.com/
Redirect Chain

http://www.nmshealth.com/
https://www.nmshealth.com/

37 KB
9 KB

787ms
761ms

Document
text/html

2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: 188833a579cd1cbd6f306ed2bf2da755dfe438998e3a8c294ac378d37774f7a9

Request headers

:method: GET
:authority: www.nmshealth.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df1e2b57a88779f580c73215372a454f81585851495
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Thu, 02 Apr 2020 18:18:16 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=600, private, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=7cc8cb661ae63e62bc4847f99652290f; expires=Thu, 09-Apr-2020 18:18:16 GMT; Max-Age=604800; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 57dc8d29de97c295-FRA
content-encoding: br

Redirect headers

Date: Thu, 02 Apr 2020 18:18:15 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=df1e2b57a88779f580c73215372a454f81585851495; expires=Sat, 02-May-20 18:18:15 GMT; path=/; domain=.nmshealth.com; HttpOnly; SameSite=Lax
Location: https://www.nmshealth.com/
Cache-Control: max-age=0
Expires: Thu, 02 Apr 2020 18:18:15 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 57dc8d26cd31178a-FRA

GET
H2 200 plugins.css
www.nmshealth.com/css/plugins/ 294 KB
37 KB 571ms
570ms Stylesheet
text/css 2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/css/plugins/plugins.css
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 482d43a2740b868288340a18cb726c29eff7f52e81a2f8ec10c87eab4ab8fed2

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 17 Aug 2018 11:07:26 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=290304000
cf-ray: 57dc8d2ead9bc295-FRA
expires: Fri, 02 Apr 2021 18:18:17 GMT

GET
H2 200 bootstrap-style.css
www.nmshealth.com/css/ 103 KB
17 KB 696ms
695ms Stylesheet
text/css 2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/css/bootstrap-style.css?v=1.36
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac922f0c1d5b0ae46b0270ad9ab3dfa6e929399f5d756a78e8c0dce79fa0928

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2019 22:05:01 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=290304000
cf-ray: 57dc8d2eada0c295-FRA
expires: Fri, 02 Apr 2021 18:18:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
28 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1029058206

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

663947bc7df6d2d01a9f7d6091d210ffa13c81b9a4f603b64457418073a819f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:16 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 29062
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Apr 2020 18:18:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 107 KB
38 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7a886fcf45c3ee557732950be013d8fe874b0017f496f17d6b032a1d1cb46b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39159
x-xss-protection: 0
server: cafe
etag: 8251253228728426132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Apr 2020 18:18:16 GMT

GET
H/1.1 200
OK mapbox-gl.js Show response
api.mapbox.com/mapbox-gl-js/v0.47.0/ 614 KB
158 KB 93ms
27ms Script
application/javascript 13.224.191.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v0.47.0/mapbox-gl.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.191.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-191-114.fra2.r.cloudfront.net
Software: / Express
Resource Hash: d5b3f16dd9958b873546eda06d9bdfd620f37661940720e40221d7ca234d16e8

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sun, 16 Feb 2020 09:28:52 GMT
Content-Encoding: gzip
Age: 4006164
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
Last-Modified: Wed Jul 18 2018 21:05:54 GMT+0000 (Coordinated Universal Time)
ETag: "36ca04e544f03802865ec89a8378195e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: vi3pWu2HTX5tue587s_f6aefo8gh7H4y-kn272JoCOqO_JafARddMw==

GET
H/1.1 200
OK mapbox-gl.css
api.mapbox.com/mapbox-gl-js/v0.47.0/ 30 KB
8 KB 89ms
22ms Stylesheet
text/css 13.224.191.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mapbox.com/mapbox-gl-js/v0.47.0/mapbox-gl.css
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.191.114 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-191-114.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 507914887eb2215ce9b6a64602693e407774cf14b9bfc77608ef5e2c9558c04e

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Sat, 15 Feb 2020 15:49:34 GMT
Content-Encoding: gzip
Age: 4069722
X-Powered-By: Express
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Last-Modified: Wed Jul 18 2018 21:06:11 GMT+0000 (Coordinated Universal Time)
ETag: "48f3a4fe6893a3aaced6b0af9b9081ea"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: ZIq5l9dGfjiYjhvPubdsdv8JfXeyBoE2vlbpklpcT2WtLxOSEnqTtA==

GET
H2 200 nmshealth-web-logos-nav-02.png
nmshealth.imgix.net/images/ 780 B
894 B 223ms
185ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/nmshealth-web-logos-nav-02.png

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

895828ff76c6aa7ca9a165f3566d6f2d52f1b9fc1602dba76f02066ebae9b9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:10:28 GMT
server: imgix
age: 468
x-cache: MISS, MISS
content-type: image/png
status: 200
cache-control: public, max-age=3600
x-imgix-id: 2fff6fc6683954d6dcd58b7dcec2315c75997fdb
accept-ranges: bytes
access-control-allow-origin: *
content-length: 780
x-served-by: cache-lax8644-LAX, cache-hhn4067-HHN

GET
H2 200 nmshealth-web-logos-nav-03.png
nmshealth.imgix.net/images/ 759 B
855 B 223ms
186ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/nmshealth-web-logos-nav-03.png

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

02ac7831892daf7acf88603d023a960edf97b5d9d20fe94ccc9524d1d239d3e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:10:28 GMT
server: imgix
age: 468
x-cache: MISS, MISS
content-type: image/png
status: 200
cache-control: public, max-age=3600
x-imgix-id: efe2a0b29788e97abe84141acb6d720ff3e7bcdc
accept-ranges: bytes
access-control-allow-origin: *
content-length: 759
x-served-by: cache-lax8632-LAX, cache-hhn4067-HHN

GET
H2 404 employee-physicals-mobile.png
nmshealth.imgix.net/nms-images/employee-physicals-graphic.pngnmshealth.com/nms-images/ 0
0 326ms
289ms Image
text/html 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nmshealth.imgix.net/nms-images/employee-physicals-graphic.pngnmshealth.com/nms-images/employee-physicals-mobile.png?auto=format,compress
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

access-control-allow-origin: *

GET
H2 200 white-paper-cover-page-02.png
nmshealth.imgix.net/nms-images/ 11 KB
11 KB 209ms
171ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/white-paper-cover-page-02.png?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e23afe81b9c5782cf06c1ef1d4be7814641e48daf10786478338c74afee202b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:27:40 GMT
server: imgix
age: 3036
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=3600
x-imgix-id: 02e3cb0502acdfb529608500fdc4d5ee4e03fb80
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11254
x-served-by: cache-lax8638-LAX, cache-hhn4067-HHN

GET
H2 200 distribution-center-graphic-mobile.png
nmshealth.imgix.net/nms-images/ 57 KB
57 KB 208ms
171ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/distribution-center-graphic-mobile.png?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

43579b62ebadfa7012997847130eaeb6ab12d6465a024bc26f00608bada373d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 12:14:48 GMT
server: imgix
age: 21809
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 1357a537f5c344298a388b2880ffe187e338a701
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58368
x-served-by: cache-lax8635-LAX, cache-hhn4067-HHN

GET
H2 200 health-depot-employee-profile-mobile.jpg
nmshealth.imgix.net/nms-images/ 136 KB
136 KB 223ms
186ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/health-depot-employee-profile-mobile.jpg?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3932ebc38dba8ad9766a31a3ae9e22ddd34a0f218e3a9c2a2b52142eb67daaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 30 Mar 2020 13:38:24 GMT
server: imgix
age: 275993
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 038f6d5b1c1812606dacc1147910ed4c35d554f1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 139152
x-served-by: cache-lax8643-LAX, cache-hhn4067-HHN

GET
H2 200 oxycodone-thumb.png
nmshealth.imgix.net/images/ 16 KB
17 KB 405ms
405ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/oxycodone-thumb.png?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

bb47b0bab6decbdb0fff2094e6b491cfe243b507a2ec096c722431a8995cae12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:18:17 GMT
server: imgix
age: 0
vary: Accept, User-Agent
x-cache: MISS, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=3600
x-imgix-id: a3b48adbd0d4bb6380ebe6ffb1c2537d23b1b096
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16838
x-served-by: cache-lax8636-LAX, cache-hhn4067-HHN

GET
H2 200 functional-capacity-blog-thumb.png
nmshealth.imgix.net/images/ 17 KB
17 KB 400ms
399ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/functional-capacity-blog-thumb.png?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d2764d9952100cad019f13044521e1cafdffe931fff65b9dd822afdbcaef6572

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:18:17 GMT
server: imgix
age: 0
vary: Accept, User-Agent
x-cache: MISS, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=3600
x-imgix-id: 8f289580673b96d08583a47041122d5da103a750
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17380
x-served-by: cache-lax8648-LAX, cache-hhn4067-HHN

GET
H2 200 nms-figure-fff.png
nmshealth.imgix.net/images/ 1 KB
2 KB 8ms
7ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/nms-figure-fff.png?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ac233fb364d46fbbcc177a058b46c6428ad7467ce3531acabdfcb7adcdb1cd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Mar 2020 00:58:33 GMT
server: imgix
age: 580784
vary: Accept, User-Agent
x-cache: HIT, HIT
content-type: image/webp
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 10b397028a0e05e3e4624a9a69637b066ffa8aa6
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1388
x-served-by: cache-lax8644-LAX, cache-hhn4067-HHN

GET
H/1.1 200
OK Powered-by-nms-health.png
s3.amazonaws.com/nmshealth.com/images/ 44 KB
44 KB 493ms
174ms Image
image/png 52.216.169.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/nmshealth.com/images/Powered-by-nms-health.png
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.169.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ab00c06677917136ddb7a7c8d22da74fc1d483860067bc396c21363cb3720b24

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 18:18:18 GMT
Last-Modified: Tue, 13 Aug 2019 20:19:30 GMT
Server: AmazonS3
x-amz-request-id: 6C28875CE3A5CD70
ETag: "fd0e83eb9a8ee681c4180f5416e59603"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 45001
x-amz-id-2: va/YXIgEvR2sgxDiLiSwroYT21p4poQeqAr5f5DK8fvlec5KQ0iT2jNycG+0VyLvFjJghkPlWQI=

GET
H2 200 protecting-against-workers-compensation.png
nmshealth.imgix.net/images/ 93 KB
93 KB 193ms
193ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/protecting-against-workers-compensation.png

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7c18f7c0ff2e79a612294bd61a27a9b738d8125017aaaf528660ce20480934a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:10:28 GMT
server: imgix
age: 468
x-cache: MISS, MISS
content-type: image/jpeg
status: 200
cache-control: public, max-age=3600
x-imgix-id: 101f4b120c695543849d459af93c9cab85348504
accept-ranges: bytes
access-control-allow-origin: *
content-length: 95262
x-served-by: cache-lax8627-LAX, cache-hhn4067-HHN

GET
H/1.1 200
OK titer-test-employees.png
s3.amazonaws.com/nmshealth.com/images/ 420 KB
420 KB 465ms
140ms Image
image/png 52.216.169.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/nmshealth.com/images/titer-test-employees.png
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.169.61 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5646578253bbb11dd0372312ea6a8b994574c1bc963a9165cffe3bbb2687c099

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Thu, 02 Apr 2020 18:18:18 GMT
Last-Modified: Wed, 01 May 2019 14:27:14 GMT
Server: AmazonS3
x-amz-request-id: EA70B2F91FCD7407
ETag: "55c43b52d9e70ccbb23a9a0bef43da7e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 430203
x-amz-id-2: pmDxWmKVFHlk7Py967ldayd90uD9zjBJJ1xEcTSSTiU8cDE7enE5GW3YUibSsl2YmoaGeWHDHEc=

GET
H2 200 map-nms-hq.png
nmshealth.imgix.net/nms-images/ 5 KB
5 KB 167ms
166ms Image
image/png 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/map-nms-hq.png

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d57467084cbc70578b33397f2be5e81844551a36fbb27a4bb498511df3a31a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 18:05:26 GMT
server: imgix
age: 771
x-cache: HIT, MISS
content-type: image/png
status: 200
cache-control: public, max-age=3600
x-imgix-id: 67607c23c876c75d7f275f023195ac228ae91217
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5355
x-served-by: cache-lax8642-LAX, cache-hhn4067-HHN

GET
H2 200 black-seal-200-42-whitetxt-bbb-90181065.png
seal-newjersey.bbb.org/seals/ 99 B
378 B 156ms
44ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://seal-newjersey.bbb.org/seals/black-seal-200-42-whitetxt-bbb-90181065.png
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / ASP.NET
Resource Hash: 1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
last-modified: Thu, 02 Apr 2020 16:51:54 GMT
server: keycdn-engine
x-aspnet-version: 4.0.30319
access-control-allow-origin: *
x-edge-location: defr
x-powered-by: ASP.NET
x-cache: MISS
content-type: image/png
status: 200
cache-control: max-age=14400
accept-ranges: bytes
x-shield: active
content-length: 99
expires: Thu, 02 Apr 2020 22:18:17 GMT

GET
H2 200 plugins.js Show response
dpt083jckk2hc.cloudfront.net/js-b/plugins/ 355 KB
355 KB 476ms
439ms Script
application/javascript 2600:9000:20eb:2e00:16:bdf:6400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpt083jckk2hc.cloudfront.net/js-b/plugins/plugins.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:2e00:16:bdf:6400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ce370bb361bae086aa07b535134af8091d2b0534afd3f725762f4717329512f

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Wed, 22 Aug 2018 21:03:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "3299218521434d50cc82e861cf614299"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 363039
x-amz-cf-id: pnpOWSwJIG8Ac58CzQ_tLwok3MwxOovjGnV1j5Lxqnpy17o4K8JQiw==

GET
H2 200 assan.custom-ver-1.7.js Show response
dpt083jckk2hc.cloudfront.net/js-b/ 11 KB
12 KB 495ms
477ms Script
application/javascript 2600:9000:20eb:2e00:16:bdf:6400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpt083jckk2hc.cloudfront.net/js-b/assan.custom-ver-1.7.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:2e00:16:bdf:6400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 149eb74cd94146845a491149bee6c81028742cbb18eec916960f3fb1f621640a

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Tue, 22 Jan 2019 15:23:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "415d3919ddbe5ec9c5cfc7932b2b3670"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 11713
x-amz-cf-id: H_EfU0XsDLxl43QGbq2gbfxbv_XAhnbgsyEqvaEcm3KEI1HNEyeauA==

GET
H2 200 smooth-scroll.min.js Show response
dpt083jckk2hc.cloudfront.net/js-b/ 5 KB
5 KB 445ms
445ms Script
application/javascript 2600:9000:20eb:2e00:16:bdf:6400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dpt083jckk2hc.cloudfront.net/js-b/smooth-scroll.min.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:2e00:16:bdf:6400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: abc58d9561f93b557273d922fa757374080215766ff7a8d9b489780fb188073f

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT
via: 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified: Wed, 22 Aug 2018 21:03:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "53a7fcc785e987d5ed08302f36de6653"
x-cache: Miss from cloudfront
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 5013
x-amz-cf-id: nu2FN4WirrNjXJdWOb-WrASxMr-bMPJ7C4D6Cn4Ajwm6SZnsCnTjsA==

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8be645ac53c1d3fda2898134b0f00124d61d65744cf3280550dcc504df0fa3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 18:18:17 GMT
server: ESF
date: Thu, 02 Apr 2020 18:18:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 885 B
482 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,400i

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

305e53215f7690460bd84ae900dbde759406569cab5ad3e4b48586489a0f6410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 18:18:17 GMT
server: ESF
date: Thu, 02 Apr 2020 18:18:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
H2 200 prum.min.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 33ms
13ms Script
application/javascript 2606:4700:10::6814:14ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/prum.min.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:14ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 26 Jun 2019 09:19:43 GMT
server: cloudflare
age: 5439
etag: W/"5d1338af-186f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=43200
cf-ray: 57dc8d33ce1a1f1d-FRA
access-control-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6285
date: Thu, 02 Apr 2020 16:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 02 Apr 2020 18:33:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 53 KB
20 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5JR7MC

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bb3ccaae9282a743ddfec125b86de07cc8095b1d34d6264f3bbc1b96ea6a591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 20371
x-xss-protection: 0
last-modified: Thu, 02 Apr 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nmshealth.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nmshealth.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/ 215 KB
81 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef3ba0f3c18e37c5253d13b65cbb3c7532ba7831b6ffc39656b4b54d1be1a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82797
x-xss-protection: 0
server: cafe
etag: 3614043453110941697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
H2 200 employee-physicals-graphic.png
nmshealth.imgix.net/nms-images/ 26 KB
26 KB 166ms
166ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/employee-physicals-graphic.png?auto=format,compress

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

395db4d760d386f8d1a4d88b36cd76f912996970796dcdfb820099862428d5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 01 Apr 2020 20:02:17 GMT
server: imgix
age: 80160
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 585915f7b929561c5478431901a44c74e247e426
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26452
x-served-by: cache-lax8647-LAX, cache-hhn4067-HHN

GET
H2 200 industry-distribution.png
nmshealth.imgix.net/nms-images/ 74 KB
74 KB 171ms
170ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/industry-distribution.png?auto=format,compress

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

13f90995557ae69d8160c6e50ffa7d656143824a3ce5de3c1840108114f8b79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:09:44 GMT
server: imgix
age: 4113
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=31536000
x-imgix-id: 1472acac56f8d745bc2216583768eaeb991f9a14
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75300
x-served-by: cache-lax8626-LAX, cache-hhn4067-HHN

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1991849
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 04:11:26 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
age: 2383611
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13612
x-xss-protection: 0
expires: Sat, 06 Mar 2021 04:11:26 GMT

GET
H2 200 themify.woff
www.nmshealth.com/bower_components/themify-icons/fonts/ 55 KB
33 KB 545ms
545ms Font
application/font-woff 2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/bower_components/themify-icons/fonts/themify.woff
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7

Request headers

Referer: https://www.nmshealth.com/css/plugins/plugins.css
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 01:15:43 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 57dc8d336b9fc295-FRA
expires: Sat, 02 May 2020 18:18:17 GMT

GET
H2 200 LeagueSpartan-Bold.woff2
www.nmshealth.com/fonts/ 12 KB
13 KB 423ms
422ms Font
font/woff2 2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/fonts/LeagueSpartan-Bold.woff2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1c6a5cbfd48a40a9be1fc339ba713290831c2a65585966d8ec6fe7ab8269d9

Request headers

Referer: https://www.nmshealth.com/css/bootstrap-style.css?v=1.36
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
cf-cache-status: MISS
last-modified: Mon, 28 Jan 2019 20:33:31 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 57dc8d336ba6c295-FRA
expires: Sat, 02 May 2020 18:18:17 GMT

GET
H2 200 fontawesome-webfont.woff2
www.nmshealth.com/bower_components/font-awesome/fonts/ 75 KB
76 KB 335ms
335ms Font
font/woff2 2606:4700:3036::681b:be24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nmshealth.com/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:be24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.nmshealth.com/css/plugins/plugins.css
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 01:14:36 GMT
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 57dc8d336babc295-FRA
expires: Sat, 02 May 2020 18:18:17 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 494606
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:54:51 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 01:03:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
age: 2481282
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13708
x-xss-protection: 0
expires: Fri, 05 Mar 2021 01:03:35 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200331/r20190131/ Frame 29AF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200331/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200331/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nmshealth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nmshealth.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 31 Mar 2020 18:44:06 GMT
expires: Tue, 14 Apr 2020 18:44:06 GMT
content-type: text/html; charset=UTF-8
etag: 10348540741379653356
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4494
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 171251
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v17/ 10 KB
10 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Mar 2020 14:41:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:02 GMT
server: sffe
age: 2086609
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9728
x-xss-protection: 0
expires: Tue, 09 Mar 2021 14:41:28 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 33ms
33ms Script
text/javascript 172.217.16.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1029058206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

70e4aa7e4c7711ef1a2ff6809fd0875f0e931bfece2202f8224b867dea749fdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 10005
x-xss-protection: 0
server: cafe
etag: 2684271574617560064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
H2 200 health-depot-laptop.jpg
nmshealth.imgix.net/nms-images/ 99 KB
99 KB 178ms
178ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/nms-images/health-depot-laptop.jpg?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3d0c72e56748176b6e9676ca6a2a5032bef96a0bda3a05b1b65397f6a2b289ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:27:41 GMT
server: imgix
age: 3035
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=3600
x-imgix-id: 1353d4fd4b6d65cd1cb38c7b8c069a3458583197
accept-ranges: bytes
access-control-allow-origin: *
content-length: 101362
x-served-by: cache-lax8623-LAX, cache-hhn4067-HHN

GET
H2 200 gears-cogs-machine-machinery-159298.jpeg
nmshealth.imgix.net/images/ 131 KB
131 KB 164ms
164ms Image
image/webp 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nmshealth.imgix.net/images/gears-cogs-machine-machinery-159298.jpeg?auto=format,compress

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3924048b6f6344f2a83b9eaef1fe1cfe4bb4418c24173dcd3523955e9138b521

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 17:27:41 GMT
server: imgix
age: 3036
vary: Accept, User-Agent
x-cache: HIT, MISS
content-type: image/webp
status: 200
cache-control: public, max-age=3600
x-imgix-id: 47f517e03bc11c0886c35475759baa80f09f20f9
accept-ranges: bytes
access-control-allow-origin: *
content-length: 134204
x-served-by: cache-lax8637-LAX, cache-hhn4067-HHN

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 01 Apr 2020 19:21:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 82614
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13516
x-xss-protection: 0
expires: Thu, 01 Apr 2021 19:21:23 GMT

GET
H/1.1 200
OK 7665.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0012/ 81 B
575 B 450ms
408ms Script
application/x-javascript 13.225.87.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0012/7665.js?440514
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.87.138 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-138.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e146de9b33f02e1fb43f6d3da12fe990298cd90f24d971203467ab7b4ffa630f

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 18:18:19 GMT
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 May 2018 16:20:18 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
ETag: "a38f2818c9c7b8352e25a4bfc1fdfcc3"
X-Cache: Miss from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=28800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81
X-Amz-Cf-Id: rWZ18rrrRDeTEQU12F7L-uGLt0GxCaknGz10P2veBct7KxF0ACpARA==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=543365730&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nmshealth.com%2F&ul=en-us&de=UTF-8&dt=Employee%20Occupational%20Health%20Screenings%20%7C%20Na...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_gid=1426660076.1585851498&gjid=1982924993&_v=j81&z=192713397
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397&slf_rd=1&random=2878372647

42 B
109 B

21ms
20ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397&slf_rd=1&random=2878372647

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7614031-1&cid=1146512650.1585851498&jid=930088088&_v=j81&z=192713397&slf_rd=1&random=2878372647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1990 0
0 28ms
28ms Document
text/html 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2174574310713544&output=html&adk=1812271804&adf=3025194257&lmt=1585851497&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.nmshealth.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585851497496&bpp=26&bdt=755&fdt=155&idt=155&shv=r20200331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8339245019978&frm=20&pv=2&ga_vid=1146512650.1585851498&ga_sid=1585851498&ga_hid=543365730&ga_fc=0&iag=0&icsg=8397440&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530312%2C368226500&oid=3&pvsid=2360914759650083&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2174574310713544&output=html&adk=1812271804&adf=3025194257&lmt=1585851497&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.nmshealth.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1585851497496&bpp=26&bdt=755&fdt=155&idt=155&shv=r20200331&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8339245019978&frm=20&pv=2&ga_vid=1146512650.1585851498&ga_sid=1585851498&ga_hid=543365730&ga_fc=0&iag=0&icsg=8397440&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=42530290%2C42530312%2C368226500&oid=3&pvsid=2360914759650083&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=0&uci=a!0&fsb=1&dtd=171
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nmshealth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nmshealth.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 02 Apr 2020 18:18:17 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Apr-2020 18:33:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
expires: Thu, 02 Apr 2020 18:18:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1585759507325766"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 27920
x-xss-protection: 0
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 19ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: RGvYNsmRmq7nyK5PMx5YRudRWzIjeT0Dd2sL4y18o3fSg/XB3C9nb3fnWuzmcCTX61nfwGGa9znKqsSVEsn6yQ==
x-fb-trip-id: 1850256238
date: Thu, 02 Apr 2020 18:18:17 GMT, Thu, 02 Apr 2020 18:18:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1029058206/ 2 KB
1 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1029058206/?random=1585851497704&cv=9&fst=1585851497704&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nmshealth.com%2F&tiba=Employee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16eb13cc53458488946b46ffb8ed69774c06908ff3f10bf374b57929988ce55f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK tracking.js Show response
cdn.livechatinc.com/ 216 KB
59 KB 193ms
72ms Script
application/javascript 72.247.224.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 72.247.224.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-84.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a9bdebb33d7edd8d69c133fd46c6b27cb07789c3bce214cf3be5b22d633cfc99

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: bCgwLWPaD3ijVw3rnTu74XjA4C_rqkgF
Content-Encoding: gzip
Last-Modified: Thu, 02 Apr 2020 06:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53
Date: Thu, 02 Apr 2020 18:18:17 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28800
Connection: keep-alive
Content-Length: 60053
X-Amz-Cf-Id: sX-Zzw6AWNkWnQNfa2wqg9-OANhlmhhcd2Pen7QSAEAcsynBPFacvA==
Expires: Fri, 03 Apr 2020 02:18:17 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 3 KB
2 KB 16ms
16ms Script
application/x-javascript 2a02:26f0:10c:39e::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 18:18:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Oct 2019 16:41:31 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=53144
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1576

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
939 B 22ms
22ms Script
application/javascript 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dpt083jckk2hc.cloudfront.net
URL: https://dpt083jckk2hc.cloudfront.net/js-b/plugins/plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

6c60c2496a68b9977b469a33ea8583da68d199869b4f5392bb726b667275c238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H2 200 maxresdefault.jpg
img.youtube.com/vi/78fVBStC14E/ 134 KB
134 KB 68ms
68ms Image
image/jpeg 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/78fVBStC14E/maxresdefault.jpg

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de0f3259a5bddcc6e70bb0efbcee92f62711951902b5e4379aa832d26264a028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 137052
x-xss-protection: 0
expires: Thu, 02 Apr 2020 20:18:17 GMT

GET
H2 200 1469485449868602 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 66ms
64ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1469485449868602?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

389b4cc458148b93eff312c01c5f8fecdbbd378ce51c8d8b4f2bf95250a13bd5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6M5Ma+B/NlasfdC7yTVYkcDWuNLTTvTbS9KZl+qKg7MfN7k6KkH49EPLN4UjE/BKthGHK8XwwCHulNTpvVKS5Q==
x-fb-trip-id: 1850256238
date: Thu, 02 Apr 2020 18:18:17 GMT, Thu, 02 Apr 2020 18:18:17 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1029058206/ 42 B
122 B 24ms
24ms Image
image/gif 2a00:1450:4001:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1029058206/?random=1585851497704&cv=9&fst=1585850400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nmshealth.com%2F&tiba=Employee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.&async=1&fmt=3&is_vtc=1&random=962359245&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1029058206/ 42 B
110 B 24ms
23ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1029058206/?random=1585851497704&cv=9&fst=1585850400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3p1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nmshealth.com%2F&tiba=Employee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.&async=1&fmt=3&is_vtc=1&random=962359245&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:17 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: dpt083jckk2hc.cloudfront.net
URL: https://dpt083jckk2hc.cloudfront.net/js-b/plugins/plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800|Open+Sans:300,300i,400,400i,600,700,800
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 10:27:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
age: 460246
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13464
x-xss-protection: 0
expires: Sun, 28 Mar 2021 10:27:31 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D574634%26url%3Dhttps%253A%252F%252Fwww.nmshealth.com%252F%26time%3D1585851497865%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865&liSync=true

0
80 B

112ms
111ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865&liSync=true
Requested by: Host: www.nmshealth.com
URL: https://www.nmshealth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
content-type: application/javascript
content-length: 0
x-li-uuid: pYLZDokTAhYQ2etSPSsAAA==

Redirect headers

date: Thu, 02 Apr 2020 18:18:18 GMT
x-content-type-options: nosniff
linkedin-action: 1
status: 302
strict-transport-security: max-age=2592000
content-length: 0
x-li-uuid: MVYUCIkTAhbw2ZOB6yoAAA==
server: Play
pragma: no-cache
x-li-pop: prod-tln1
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=574634&url=https%3A%2F%2Fwww.nmshealth.com%2F&time=1585851497865&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflVCodKt/ 38 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflVCodKt/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575d697f703ea404e1a023022aaeaaa81e98d1873cf2e7687238bd1606e4f625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 21:48:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160195
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 13931
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 20:16:30 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 08 Apr 2020 21:48:22 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
249 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1469485449868602&ev=PageView&dl=https%3A%2F%2Fwww.nmshealth.com%2F&rl=&if=false&ts=1585851497919&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1585851497918.866081421&it=1585851497774&coo=false&rqm=GET

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:17 GMT, Thu, 02 Apr 2020 18:18:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 02 Apr 2020 18:18:17 GMT

GET 78fVBStC14E
www.youtube.com/embed/ Frame 25D5 0
0

GET
H2 200 78fVBStC14E
www.youtube.com/embed/ Frame 8D99 0
0 162ms
162ms Document
text/html 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/78fVBStC14E?autohide=1&rel=0&autoplay=0&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fwww.nmshealth.com&widgetid=1

Requested by

Host: dpt083jckk2hc.cloudfront.net
URL: https://dpt083jckk2hc.cloudfront.net/js-b/plugins/plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/78fVBStC14E?autohide=1&rel=0&autoplay=0&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fwww.nmshealth.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nmshealth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nmshealth.com/

Response headers

status: 200
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
date: Thu, 02 Apr 2020 18:18:18 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=HmztdRb64As; path=/; domain=.youtube.com; secure; expires=Tue, 29-Sep-2020 18:18:17 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=HmztdRb64As; path=/; domain=.youtube.com; secure; expires=Tue, 29-Sep-2020 18:18:17 GMT; httponly; samesite=None YSC=Zne56ZPjk34; path=/; domain=.youtube.com; secure; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Thu, 02-Apr-2020 18:48:17 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK get_dynamic_config.js Show response
secure.livechatinc.com/licence/11361322/v2/ 1 KB
2 KB 221ms
164ms Script
application/javascript 104.108.3.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/11361322/v2/get_dynamic_config.js?t=1585851498001&referrer=&url=https%3A%2F%2Fwww.nmshealth.com%2F&params=&channel_type=code&jsonp=__lc_data_796926
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.108.3.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-3-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1fce1f96ffc82ec3c991756e04f3093abd5493787f72ee23ea1282523ac30668

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Thu, 02 Apr 2020 18:18:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Expose-Headers: X-RateLimit-Remaining, X-RateLimit-Reset
Cache-Control: max-age=0, no-cache, no-store
X-RateLimit-Reset: 1585851503
X-RateLimit-Remaining: 4999
Connection: keep-alive
Content-Length: 535
Expires: Thu, 02 Apr 2020 18:18:18 GMT

GET
H/1.1 200
OK get_static_config.0.169.2.2.208.25.22.8.3.3.1.2.19.js Show response
secure.livechatinc.com/licence/11361322/v2/ 5 KB
2 KB 244ms
243ms Script
application/javascript 104.108.3.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/11361322/v2/get_static_config.0.169.2.2.208.25.22.8.3.3.1.2.19.js?&jsonp=__lc_data_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.108.3.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-3-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 972dc8865cc7308978a572a015a30452ef32cc7831c752cc79d5ed745611e849

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 02 Apr 2020 18:18:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS, POST
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://api.chat.io
Access-Control-Expose-Headers: location
Cache-Control: public, max-age=584
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type, accept
Content-Length: 1842
Expires: Thu, 02 Apr 2020 18:28:02 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1469485449868602&ev=Microdata&dl=https%3A%2F%2Fwww.nmshealth.com%2F&rl=&if=false&ts=1585851498421&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5Ct%5CtEmployee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.%5Cn%5Ct%22%2C%22meta%3Adescription%22%3A%22NMS%20Health%20is%20a%20National%20Administrator%20of%20Occupational%20Health%20Services%20Specializing%20in%20Employee%20Physicals%20and%20Exams%2C%20Vendor%20Credentialing%20Screenings%2C%20Drug%20Screens%2C%20Maritime%20Exams%20and%20OSHA%20Medical%20Surveillance.%22%2C%22meta%3Akeywords%22%3A%22occupational%20health%2Cemployee%20health%2Ccorporate%20health%2Cemployee%20physicals%2Cdrug%20screens%2Cosha%2Cosha%20medical%20surveillance%2Cemployee%20wellness%2Cbaseline%20physical%2Cfit%20for%20duty%2Cemployee%20screening%2C%20pre-employment%20physical%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Employee%20Occupational%20Health%20Screenings%22%2C%22og%3Adescription%22%3A%22NMS%20Health%20is%20a%20National%20Administrator%20of%20Occupational%20Health%20Services%20Specializing%20in%20Employee%20Physicals%20and%20Exams%2C%20Vendor%20Credentialing%20Screenings%2C%20Drug%20Screens%2C%20Maritime%20Exams%20and%20OSHA%20Medical%20Surveillance.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nmshealth.com%2Findex%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnmshealth.imgix.net%2Fimages%2Fog-image-nms-logo.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fnmshealth.imgix.net%2Fimages%2Fog-image-nms-logo.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1585851497918.866081421&it=1585851497774&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nmshealth.com
URL: https://www.nmshealth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 02 Apr 2020 18:18:18 GMT, Thu, 02 Apr 2020 18:18:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 02 Apr 2020 18:18:18 GMT

GET
H/1.1 200
OK open_chat.cgi
secure.livechatinc.com/licence/11361322/v2/ Frame 790C 0
0 163ms
162ms Document
text/html 104.108.3.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/11361322/v2/open_chat.cgi?license=11361322&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.108.3.214 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-3-214.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: secure.livechatinc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.nmshealth.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: __livechat=lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1585851498%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1585851498.85bb23fb39%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nmshealth.com/

Response headers

Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Thu, 02 Apr 2020 18:18:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 02 Apr 2020 18:18:18 GMT
Content-Length: 1501
Connection: keep-alive

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200331&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91bf9d169baa91cfc9d954b7199ef726b7d8ddfcfdf795fe4231110f0ca6c657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 02 Apr 2020 18:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5124
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200331/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 02 Apr 2020 18:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Thu, 02 Apr 2020 18:18:19 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 148ms
38ms XHR
text/plain 34.250.196.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=516d5f1dabe53d7252000000&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=616&cE=641&dLE=616&dLS=616&fS=615&hS=621&rE=-1&rS=-1&reS=641&resS=1402&resE=1403&uEE=-1&uES=-1&dL=1405&dI=2424&dCLES=2424&dCLEE=2429&dC=3715&lES=3715&lEE=3718&s=nt&title=Employee%20Occupational%20Health%20Screenings%20%7C%20National%20Medical%20Systems%2C%20Inc.&path=https%3A%2F%2Fwww.nmshealth.com%2F&ref=&sId=eo1z3m01&sST=1585851499&sIS=1&rV=0&v=1.4.0
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/prum.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.196.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-196-193.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nmshealth.com/
Origin: https://www.nmshealth.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Thu, 02 Apr 2020 18:18:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 54CB 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.nmshealth.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.nmshealth.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Thu, 02 Apr 2020 18:03:18 GMT
expires: Fri, 02 Apr 2021 18:03:18 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 901
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 44ms
43ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200331&jk=2360914759650083&bg=!1tWl1c1YLCuGqRvMLV4CAAAAOVIAAAALmQFdpvg--q7CXskrIK_9V6x1pH7RIMxogX6vwC1cxgcwngRqvLuGjCicEX4FXUm4X3ipfCtT7-RSoNNCH5Z86lXNBEkTHlFWao93z0KY9dnw36DKSVm1PasGkZlv_4B3RK5GcBL0Hpk7llLzUa9VSpdBU54ZS-a_ibRmCX6_LaDC2DcPZdBLczUKYLvuZYxuhmUt6UkksFkeXoFJEfd4iEBAiez7Qd2IMtivWACPzXzjPxfproLTNvMU1uIIDNlch7gFcftChpJoEUTMs-Z0nPN9UkKJbrcGEawZhHIVuAnWNB-4X1mRvF9dIbB_OfIQFbA1i9HqY8BtrG0zx5YvTbZFRhB_5qTXZwdSmSrkNFEI0v5-o3AUklGHb7kH88tr5VOOwhMVBLTeBYY8e8F9Ip56lQDBXT99iC28RlS_mtQanp_bxMrZABZljF5oQhHwUQTouYZP3YHLADwiK8eybQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nmshealth.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 02 Apr 2020 18:18:19 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 206
Partial Content new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ 11 KB
12 KB 65ms
65ms Media
application/octet-stream 72.247.224.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/media/new_message.a37211a6.ogg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 72.247.224.84 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-224-84.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

Request headers

Referer: https://www.nmshealth.com/
Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: zRdEy7iD0zUuwnU_iwMvYg5i5CX4xJxN
Last-Modified: Thu, 27 Jun 2019 11:06:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: TXL51
ETag: "a37211a6cfcda45352d5abcff1e446bb"
Content-Type: application/octet-stream
Content-Range: bytes 0-11403/11404
Cache-Control: max-age=31536000
Date: Thu, 02 Apr 2020 18:18:20 GMT
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11404
X-Amz-Cf-Id: rCPX8PLOtHAzz0emFnww1bs7aBBnZIgHv7ASJUM7d4HZ_cQ9S7N2Kw==
Expires: Fri, 02 Apr 2021 18:18:20 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/78fVBStC14E?autohide=1&rel=0&autoplay=0&iv_load_policy=3&modestbranding=1&controls=0&showinfo=0&disablekb=1&enablejsapi=1&origin=https%3A%2F%2Fwww.nmshealth.com&widgetid=1

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livechatinc.com/licence/11361322	1970-01-20 11:30:51	Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1585851498%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1585851498.85bb23fb39%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0
.youtube.com/	1970-01-19 08:30:53	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Zne56ZPjk34
.doubleclick.net/	1970-01-19 17:52:27	Name: IDE Value: AHWqTUnD-FcoiGwQ5CfmvIG3Z8FrCaOHfMNHZ8PcBSi2vRpbUUQcSwqAP74Ml4w_
www.nmshealth.com/	1970-01-19 08:31:01	Name: pa-l Value: pa-l=sid%3Deo1z3m01%26sst%3D1585851499%26sis%3D1%26rv%3D0
.youtube.com/	1970-01-19 12:50:03	Name: VISITOR_INFO1_LIVE Value: HmztdRb64As
.nmshealth.com/	1970-01-19 09:14:03	Name: __cfduid Value: d160fbae08d325700f12a4fce54cd443b1585851497
.nmshealth.com/	1970-01-20 02:02:03	Name: _ga Value: GA1.2.1146512650.1585851498
.nmshealth.com/	1970-01-19 08:30:51	Name: _gat Value: 1
.nmshealth.com/	1970-01-19 10:40:27	Name: _fbp Value: fb.1.1585851497918.866081421
.nmshealth.com/	1970-01-19 08:32:17	Name: _gid Value: GA1.2.1426660076.1585851498

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://api.mapbox.com/mapbox-gl-js/v0.47.0/mapbox-gl.js(Line 29) Message: Error: Failed to initialize WebGL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.mapbox.com
cdn.livechatinc.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
dpt083jckk2hc.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.youtube.com
nmshealth.imgix.net
pagead2.googlesyndication.com
px.ads.linkedin.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
s.ytimg.com
s3.amazonaws.com
seal-newjersey.bbb.org
secure.livechatinc.com
snap.licdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.nmshealth.com
www.youtube.com
www.youtube.com
104.108.3.214
13.224.191.114
13.225.87.138
172.217.16.162
2600:9000:20eb:2e00:16:bdf:6400:21
2606:4700:10::6814:14ef
2606:4700:3036::681b:be24
2a00:1450:4001:808::2001
2a00:1450:4001:808::200a
2a00:1450:4001:817::200e
2a00:1450:4001:818::200e
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2008
2a00:1450:4001:81e::2004
2a00:1450:4001:820::2003
2a00:1450:4001:821::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c0b::9d
2a02:26f0:10c:39e::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::720
2a05:f500:10:101::b93f:9105
2a05:f500:11:101::b93f:9001
2a0b:4d07:101::1
34.250.196.193
52.216.169.61
72.247.224.84
02ac7831892daf7acf88603d023a960edf97b5d9d20fe94ccc9524d1d239d3e3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7
0ef3ba0f3c18e37c5253d13b65cbb3c7532ba7831b6ffc39656b4b54d1be1a68
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f90995557ae69d8160c6e50ffa7d656143824a3ce5de3c1840108114f8b79f
149eb74cd94146845a491149bee6c81028742cbb18eec916960f3fb1f621640a
16eb13cc53458488946b46ffb8ed69774c06908ff3f10bf374b57929988ce55f
188833a579cd1cbd6f306ed2bf2da755dfe438998e3a8c294ac378d37774f7a9
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
1dd031f2c08c70b72c6fadcf7b6d3b5cfe55527f8fdc839916ba8daf5fb416ae
1fce1f96ffc82ec3c991756e04f3093abd5493787f72ee23ea1282523ac30668
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d659b59a4cf40320e19b273395524a19b1a354beceb07e791746aec927465c2
305e53215f7690460bd84ae900dbde759406569cab5ad3e4b48586489a0f6410
389b4cc458148b93eff312c01c5f8fecdbbd378ce51c8d8b4f2bf95250a13bd5
3924048b6f6344f2a83b9eaef1fe1cfe4bb4418c24173dcd3523955e9138b521
3932ebc38dba8ad9766a31a3ae9e22ddd34a0f218e3a9c2a2b52142eb67daaaf
395db4d760d386f8d1a4d88b36cd76f912996970796dcdfb820099862428d5a8
3bb3ccaae9282a743ddfec125b86de07cc8095b1d34d6264f3bbc1b96ea6a591
3d0c72e56748176b6e9676ca6a2a5032bef96a0bda3a05b1b65397f6a2b289ae
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
43579b62ebadfa7012997847130eaeb6ab12d6465a024bc26f00608bada373d9
482d43a2740b868288340a18cb726c29eff7f52e81a2f8ec10c87eab4ab8fed2
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
507914887eb2215ce9b6a64602693e407774cf14b9bfc77608ef5e2c9558c04e
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5646578253bbb11dd0372312ea6a8b994574c1bc963a9165cffe3bbb2687c099
575d697f703ea404e1a023022aaeaaa81e98d1873cf2e7687238bd1606e4f625
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
663947bc7df6d2d01a9f7d6091d210ffa13c81b9a4f603b64457418073a819f5
6c60c2496a68b9977b469a33ea8583da68d199869b4f5392bb726b667275c238
70e4aa7e4c7711ef1a2ff6809fd0875f0e931bfece2202f8224b867dea749fdd
7c18f7c0ff2e79a612294bd61a27a9b738d8125017aaaf528660ce20480934a8
7ce370bb361bae086aa07b535134af8091d2b0534afd3f725762f4717329512f
895828ff76c6aa7ca9a165f3566d6f2d52f1b9fc1602dba76f02066ebae9b9c1
91bf9d169baa91cfc9d954b7199ef726b7d8ddfcfdf795fe4231110f0ca6c657
972dc8865cc7308978a572a015a30452ef32cc7831c752cc79d5ed745611e849
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
9ac922f0c1d5b0ae46b0270ad9ab3dfa6e929399f5d756a78e8c0dce79fa0928
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a9bdebb33d7edd8d69c133fd46c6b27cb07789c3bce214cf3be5b22d633cfc99
ab00c06677917136ddb7a7c8d22da74fc1d483860067bc396c21363cb3720b24
abc58d9561f93b557273d922fa757374080215766ff7a8d9b489780fb188073f
ac233fb364d46fbbcc177a058b46c6428ad7467ce3531acabdfcb7adcdb1cd6e
bb47b0bab6decbdb0fff2094e6b491cfe243b507a2ec096c722431a8995cae12
c7c6430070f3f1f2f426c9d1cc1096a85880df46a13effd2e6f2c3cc51e03e3f
d2764d9952100cad019f13044521e1cafdffe931fff65b9dd822afdbcaef6572
d57467084cbc70578b33397f2be5e81844551a36fbb27a4bb498511df3a31a05
d5b3f16dd9958b873546eda06d9bdfd620f37661940720e40221d7ca234d16e8
d7a886fcf45c3ee557732950be013d8fe874b0017f496f17d6b032a1d1cb46b9
de0f3259a5bddcc6e70bb0efbcee92f62711951902b5e4379aa832d26264a028
e146de9b33f02e1fb43f6d3da12fe990298cd90f24d971203467ab7b4ffa630f
e23afe81b9c5782cf06c1ef1d4be7814641e48daf10786478338c74afee202b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1c6a5cbfd48a40a9be1fc339ba713290831c2a65585966d8ec6fe7ab8269d9
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8be645ac53c1d3fda2898134b0f00124d61d65744cf3280550dcc504df0fa3d
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305

www.nmshealth.com Open in urlscan Pro 2606:4700:3036::681b:be24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

76 %IPv6

24 Domains

33 Subdomains

28 IPs

7 Countries

2547 kBTransfer

4437 kBSize

11 Cookies

8 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nmshealth.com Open in urlscan Pro
2606:4700:3036::681b:be24 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

76 %
IPv6

24
Domains

33
Subdomains

28
IPs

7
Countries

2547 kB
Transfer

4437 kB
Size

11
Cookies

76 HTTP transactions
1 data transactions