urlscan.io logo urlscan.io
SecurityTrails logo

pro.nhs-news.com Open in urlscan Pro
161.129.26.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.pstmrk.it/3s/rs-stripe.123cards.net%2Fstripe%2Fredirect%3Fcs_email%3Dguadalupe.reyes%40ssa.sccgov.org%26cs...
Effective URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=168...
Submission: On June 12 via manual from US — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 13 domains to perform 32 HTTP transactions. The main IP is 161.129.26.17, located in United States and belongs to 14WEST-AS, US. The main domain is pro.nhs-news.com.
TLS certificate: Issued by R3 on May 31st 2023. Valid for: 3 months.
This is the only time pro.nhs-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.241.190.78 16509 (AMAZON-02)
2 2 20.225.97.235 8075 (MICROSOFT...)
1 1 3.248.144.158 16509 (AMAZON-02)
2 5 161.129.26.17 11372 (14WEST-AS)
1 2a00:1450:400... 15169 (GOOGLE)
11 2600:9000:223... 16509 (AMAZON-02)
4 2a04:4e42:200... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.224.187.113 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.67 16509 (AMAZON-02)
1 3.220.126.149 14618 (AMAZON-AES)
1 3.88.95.86 14618 (AMAZON-AES)
1 34.218.190.224 16509 (AMAZON-02)
32 12
1    34.241.190.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-190-78.eu-west-1.compute.amazonaws.com
click.pstmrk.it
2    20.225.97.235 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rs-stripe.123cards.net
tr.rev-stripe.com
1    3.248.144.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-144-158.eu-west-1.compute.amazonaws.com
tracking.nmhfiles.com
5    161.129.26.17 (United States)

ASN11372 (14WEST-AS, US)
pro.nhs-news.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2600:9000:223e:2c00:1:fd01:76c0:21 (United States)

ASN16509 (AMAZON-02, US)
d2ne8nk5ac9hp7.cloudfront.net
4    2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.224.187.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-187-113.compute-1.amazonaws.com
naturalhealthresponse.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.224.189.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-67.fra2.r.cloudfront.net
cdn.getblueshift.com
1    3.220.126.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-126-149.compute-1.amazonaws.com
distillery.wistia.com
1    3.88.95.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-88-95-86.compute-1.amazonaws.com
pipedream.wistia.com
1    34.218.190.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-218-190-224.us-west-2.compute.amazonaws.com
api.getblueshift.com
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d2ne8nk5ac9hp7.cloudfront.net
338 KB
6 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 5278
distillery.wistia.com — Cisco Umbrella Rank: 8092
pipedream.wistia.com — Cisco Umbrella Rank: 7733
146 KB
5 nhs-news.com
pro.nhs-news.com
53 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57
21 KB
3 gstatic.com
fonts.gstatic.com
68 KB
2 getblueshift.com
cdn.getblueshift.com — Cisco Umbrella Rank: 15577
api.getblueshift.com — Cisco Umbrella Rank: 12123
3 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75
121 KB
1 naturalhealthresponse.com
naturalhealthresponse.com
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 nmhfiles.com
tracking.nmhfiles.com
2 KB
1 rev-stripe.com
tr.rev-stripe.com — Cisco Umbrella Rank: 67665
467 B
1 123cards.net
rs-stripe.123cards.net
313 B
1 pstmrk.it
click.pstmrk.it — Cisco Umbrella Rank: 54833
195 B
32 13
Domain Requested by
11 d2ne8nk5ac9hp7.cloudfront.net pro.nhs-news.com
5 pro.nhs-news.com 2 redirects pro.nhs-news.com
4 fast.wistia.com pro.nhs-news.com
fast.wistia.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com pro.nhs-news.com
d2ne8nk5ac9hp7.cloudfront.net
1 api.getblueshift.com cdn.getblueshift.com
1 pipedream.wistia.com fast.wistia.com
1 distillery.wistia.com fast.wistia.com
1 cdn.getblueshift.com pro.nhs-news.com
1 naturalhealthresponse.com pro.nhs-news.com
1 fonts.googleapis.com pro.nhs-news.com
1 tracking.nmhfiles.com 1 redirects
1 tr.rev-stripe.com 1 redirects
1 rs-stripe.123cards.net 1 redirects
1 click.pstmrk.it 1 redirects
32 16

This site contains links to these domains. Also see Links.

Domain
naturalhealthresponse.com
privacyportal.onetrust.com
Subject Issuer Validity Valid
ordertracking4.pubsvs.com
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.getblueshift.com
Amazon RSA 2048 M02		 2023-02-21 -
2023-09-07		 7 months crt.sh
*.wistia.com
Amazon RSA 2048 M01		 2023-01-31 -
2024-02-29		 a year crt.sh

This page contains 1 frames:

Primary Page: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Frame ID: 97059A71FB68101FC6AA656C086B1D9A
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

A Private Message from Dr. Richard Gerhauser, M.D.

Page URL History Show full URLs

  1. https://click.pstmrk.it/3s/rs-stripe.123cards.net%2Fstripe%2Fredirect%3Fcs_email%3Dguadalupe.reyes%4... HTTP 302
    https://rs-stripe.123cards.net/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec... HTTP 301
    https://tr.rev-stripe.com/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec... HTTP 303
    https://tracking.nmhfiles.com/aff_c?offer_id=3740&aff_id=567&aff_sub=b768dd18c22649aa807a06172190f507&aff_... HTTP 302
    https://pro.nhs-news.com/m/1483001?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=168... HTTP 301
    https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

40 %
IPv6

13
Domains

16
Subdomains

12
IPs

3
Countries

750 kB
Transfer

2024 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.pstmrk.it/3s/rs-stripe.123cards.net%2Fstripe%2Fredirect%3Fcs_email%3Dguadalupe.reyes%40ssa.sccgov.org%26cs_sendid%3D4159235fec4f6f73a912789de33db234%26cs_esp%3Dpostmark%26cs_offset%3D0%26cs_stripeid%3D9346/UTCB/29qtAQ/AQ/4c3b5e11-a8be-40b5-9143-6d3419d77a6d/3/cb_UQzDmhE HTTP 302
    https://rs-stripe.123cards.net/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec4f6f73a912789de33db234&cs_esp=postmark&cs_offset=0&cs_stripeid=9346 HTTP 301
    https://tr.rev-stripe.com/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec4f6f73a912789de33db234&cs_esp=postmark&cs_offset=0&cs_stripeid=9346 HTTP 303
    https://tracking.nmhfiles.com/aff_c?offer_id=3740&aff_id=567&aff_sub=b768dd18c22649aa807a06172190f507&aff_sub2=618369&aff_sub3=1681&aff_sub4=9346&aff_sub5=579257&pi_adid=579257&pi_clickid=b768dd18c22649aa807a06172190f507&pi_creativeid=618369 HTTP 302
    https://pro.nhs-news.com/m/1483001?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb HTTP 301
    https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/none HTTP 302
  • https://naturalhealthresponse.com/

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/
Redirect Chain
  • https://click.pstmrk.it/3s/rs-stripe.123cards.net%2Fstripe%2Fredirect%3Fcs_email%3Dguadalupe.reyes%40ssa.sccgov.org%26cs_sendid%3D4159235fec4f6f73a912789de33db234%26cs_esp%3Dpostmark%26cs_offset%3D...
  • https://rs-stripe.123cards.net/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec4f6f73a912789de33db234&cs_esp=postmark&cs_offset=0&cs_stripeid=9346
  • https://tr.rev-stripe.com/stripe/redirect?cs_email=guadalupe.reyes@ssa.sccgov.org&cs_sendid=4159235fec4f6f73a912789de33db234&cs_esp=postmark&cs_offset=0&cs_stripeid=9346
  • https://tracking.nmhfiles.com/aff_c?offer_id=3740&aff_id=567&aff_sub=b768dd18c22649aa807a06172190f507&aff_sub2=618369&aff_sub3=1681&aff_sub4=9346&aff_sub5=579257&pi_adid=579257&pi_clickid=b768dd18c...
  • https://pro.nhs-news.com/m/1483001?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb
  • https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
156 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.26.17 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
7d73c28e3a160457930c46af524a965ee92e9e7ef8786ed44e69fdb5c9b94a18
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
50469
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Jun 2023 15:30:34 GMT
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding

Redirect headers

Cache-Control
private
Content-Length
344
Content-Type
text/html; charset=utf-8
Date
Mon, 12 Jun 2023 15:30:34 GMT
Location
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Strict-Transport-Security
max-age=63072000; includeSubDomains
Common.js
pro.nhs-news.com/p/Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pro.nhs-news.com/p/Scripts/Common.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.26.17 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 15:30:35 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Tue, 31 Mar 2020 05:43:09 GMT
ETag
"1be39421f7d61:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
1140
HideContent.js
pro.nhs-news.com/p/Scripts/ 		724 B
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pro.nhs-news.com/p/Scripts/HideContent.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.129.26.17 , United States, ASN11372 (14WEST-AS, US),
Reverse DNS
Software
/
Resource Hash
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 15:30:35 GMT
Content-Encoding
gzip
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Last-Modified
Wed, 08 Nov 2017 21:07:14 GMT
ETag
"0adf48cd558d31:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
no-cache
Accept-Ranges
bytes
Content-Length
466
css
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900|Oswald:700|&display=swap
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c510913c05bfb8d51f9a81aa118a3d810a048ea628dfaabd87255fe961b0011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 12 Jun 2023 15:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:30:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Jun 2023 15:30:35 GMT
SeniorHealthAlert.png
d2ne8nk5ac9hp7.cloudfront.net/hsi/Phramabrain/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/hsi/Phramabrain/SeniorHealthAlert.png
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f8bd4ae45455c3bf7044ab116888bb38e8677e2e04cbef0be79f09ea1896502a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:37 GMT
x-amz-version-id
v2XOmfy00D779lj.UvTJmnJYfC_E0w0c
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Fri, 23 Jul 2021 13:40:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"5230daac7b63b117d06dd37c2544a46f"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3601
x-amz-cf-id
HgURMGreGS_JY-4WZ3Y_runDITT89e7uskvY8D6LLBCiDymZ1wf-CQ==
thumbnailNew.jpg
d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/ 		145 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/thumbnailNew.jpg
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1ee14b6ea5c1a2ffa79d14feb79480d0ff5a1ffd6040fe42d2a4e4bf0b8c6d7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 06:58:26 GMT
x-amz-version-id
fx2A1gC2hm3xleQSdspXXLSQMDgR4JPU
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Wed, 29 Sep 2021 18:29:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
30730
etag
"7e9c3b08c6ae111292382a7510b34672"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
148986
x-amz-cf-id
mmiPvuaMzYs34YM5ovkA35oB-B26TRblIMLY5KGO5edgvyZ19pE_Uw==
Worm_new.jpg
d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/Worm_new.jpg
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d9c358cad9e7438667a48cdef7da25c06d40b5d9464f33bb35b91220f5a7132

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
U8UAzuSpq1jiTkLMhj6Dc9pm0vtisKQ9
date
Mon, 12 Jun 2023 15:02:22 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Wed, 22 Sep 2021 19:09:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
1694
etag
"690a9a443e24e3abbbd13624c910ccae"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
75339
x-amz-cf-id
mOxjoFR6b_rGwbC5kXYPilbb2pjETrIMsYCFm-WtpDs47tI_GfCKhQ==
Gerhauser.jpg
d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/Gerhauser.jpg
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e4e3b4e198e69db44e6f811e85dcc2b3aebd6cc098c7883bdca7667ebefb0c8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
ud7C5PZf9AbbJPd1HmmXC3eGOYGMtcHK
date
Mon, 12 Jun 2023 15:30:35 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Wed, 18 Mar 2020 17:10:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
12281
etag
"9851863887ffee9ba5944cc86afb4c4a"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
10066
x-amz-cf-id
vpdiLyuqzO7hmXk2Z9hyOaZgmgDKjM9Gm3lKK3E4d8xAAvmEt64BNQ==
GerhauserBio.jpg
d2ne8nk5ac9hp7.cloudfront.net/nhs/global/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/global/images/GerhauserBio.jpg
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
655d882dec8bf29e240bd6baa25bb787d70ba22d8b71fd24c69c17b34e7219f6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 12 Jun 2023 11:54:14 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Mon, 04 Nov 2019 17:10:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
12982
etag
"2b52dab90d4bf5937ca0d41c9d424578"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
18846
x-amz-cf-id
Sk7Ig4wCx0VcLaRbXotikXB1WOE-Fx9B9JHTKJegCQfuaeribU6G_w==
undermed-beatsystem.jpg
d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/warburg/images/undermed-beatsystem.jpg
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9eb4e085f6b27f57845b756f5500cd0559cd9f6c23183b860f439b23bd5789d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 12 Jun 2023 15:30:35 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Mon, 04 Nov 2019 19:36:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
9647
etag
"f18bc6d5ccdd12a46b9c0f8cf175933e"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
26176
x-amz-cf-id
TdCQ-TvAHwNX4dCTgZLscsKZK_1gN78TRhGEb5CTTezUMwj1Aw7c7Q==
jquery-3.4.0.min.js
d2ne8nk5ac9hp7.cloudfront.net/global/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/global/jquery-3.4.0.min.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date
Mon, 12 Jun 2023 03:58:31 GMT
last-modified
Mon, 04 Nov 2019 19:37:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
41525
etag
"4b9b89890d9d1156441c5d78cba5f2d2"
x-cache
Hit from cloudfront
content-type
text/plain
accept-ranges
bytes
content-length
30654
x-amz-cf-id
1l0Rv5zZEgIdEc-XGH1lT6znbHyyUn8oSMdNC5XHCeT7TYD1CVYcDA==
E-v1.js
fast.wistia.com/assets/external/ 		650 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9744295968958067fe89b9f16853210b780603a608f25c2ff4cc1a66b47adb1e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:35 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
29
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
119852
x-served-by
cache-iad-kcgs7200028-IAD, cache-mxp6934-MXP
x-browser-version
114
last-modified
Fri, 09 Jun 2023 19:32:17 GMT
server
AmazonS3
x-timer
S1686583836.869466,VS0,VE0
etag
"c7f17b1c546c0f11e0e4a3792584e6f9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
dc7e4f84dd123946d14b1a6b16a42df5f5a7be56
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
51, 4
lazyload.js
d2ne8nk5ac9hp7.cloudfront.net/global/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/global/lazyload.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9368931932c826d429e81e8675978732f967c74416b20dcfd942332fbccf47de

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 11 Jun 2023 20:20:47 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Wed, 24 Apr 2019 18:04:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
68989
etag
"ea3eeb28bdec27ed4e6579a6fcc82f19"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5386
x-amz-cf-id
6pRvbh3Gud4dKA6l-lVvQRyxGSr4BUviI2up1s2IQWEA8556cZpgyQ==
nhs_promo_functions.js
d2ne8nk5ac9hp7.cloudfront.net/nhs/global/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/global/js/nhs_promo_functions.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f80e9edf2818033208ea344b6b90092ce25976d17893e28b9aeb6f5419f1fafb

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
JMuymDWV5bSiiSVFbt6FHyi2YTQW8DiU
date
Mon, 12 Jun 2023 06:32:15 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Thu, 13 May 2021 21:24:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
32301
etag
"86973300e5e6ec4936bcb6f4e6e9acb5"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
13326
x-amz-cf-id
qxKD574BpPrNYiBfWH6NlXNHKhnQOuu8GSbBwp21q3rUpdRdtuOEjQ==
google-analytics-nhs.js
d2ne8nk5ac9hp7.cloudfront.net/nhs/global/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/global/js/google-analytics-nhs.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3a2cd4686203d52cc80d23d422f51c312b38522af363f1a4bc411ba5b675850

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
RwP7zKaD.gPSFLoOLD7MKD.VBsHb21To
date
Mon, 12 Jun 2023 05:00:40 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 00:40:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
37795
etag
"d5b01db418c4ccb792433471013afb65"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
7298
x-amz-cf-id
3mWPWYLxVZXKe9kam_aA6f22Q78qgyiT43_n6_nDJjPKki90_ypOmA==
NaturalHealthResponse_Footer_52x52.png
d2ne8nk5ac9hp7.cloudfront.net/nhs/global/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2ne8nk5ac9hp7.cloudfront.net/nhs/global/images/NaturalHealthResponse_Footer_52x52.png
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:2c00:1:fd01:76c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8fb5fac71b40938d2a52abeac77808f717d01fe95b6785e06844144b88ccd109

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id
QvIjmFF0xJCNG78z.Az.QArcbg_.YbDp
date
Mon, 12 Jun 2023 11:23:25 GMT
via
1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
last-modified
Thu, 05 Mar 2020 18:25:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
14831
etag
"498f9947375e974f631526859c51347b"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1798
x-amz-cf-id
DFP5tJ_x31l2RyjKgyvmkePMBthTevTicx0HhuJHe7g4SgxLA7DrKA==
gtm.js
www.googletagmanager.com/ 		477 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MCZN9XW
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad15f16e540b65f0dc10e4f6055a570d2f6b704be17e62b365dfb272219b1df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76187
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Jun 2023 15:30:35 GMT
/
naturalhealthresponse.com/
Redirect Chain
  • https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/none
  • https://naturalhealthresponse.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://naturalhealthresponse.com/
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
H2
Server
34.224.187.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-187-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Redirect headers

Location
http://naturalhealthresponse.com
Date
Mon, 12 Jun 2023 15:30:35 GMT
Cache-Control
private
Referrer-Policy
no-referrer-when-downgrade
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Length
149
Content-Type
text/html; charset=utf-8
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Oswald:700|&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.nhs-news.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 13:31:10 GMT
x-content-type-options
nosniff
age
179965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 13:31:10 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Oswald:700|&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.nhs-news.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 10 Jun 2023 15:41:45 GMT
x-content-type-options
nosniff
age
172130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 09 Jun 2024 15:41:45 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900|Oswald:700|&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pro.nhs-news.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 21:14:56 GMT
x-content-type-options
nosniff
age
238539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22504
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Jun 2024 21:14:56 GMT
js
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-536812-54
Requested by
Host: d2ne8nk5ac9hp7.cloudfront.net
URL: https://d2ne8nk5ac9hp7.cloudfront.net/global/jquery-3.4.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
76da42e6be57ca26a2478eeef86bfb91f436db57a1c2918ffcb76f13561e6d2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47538
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Jun 2023 15:30:35 GMT
o9nxzd0wsc.json
fast.wistia.com/embed/medias/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/o9nxzd0wsc.json
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d8575a147caa5d789f2fd615202640d2f03fa538c5506915e7a7ca4be2d85a30
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:36 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 47c0295005ec7d8570406951491004c2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD89-C3
age
98477
x-cache
Miss from cloudfront, HIT, HIT
x-envoy-upstream-service-time
44
content-length
1271
x-request-id
b1aa2b0f-1fee-4c64-8277-5e776e395659
x-served-by
cache-iad-kcgs7200121-IAD, cache-mxp6941-MXP
x-runtime
0.042252
referrer-policy
strict-origin-when-cross-origin
x-browser-version
114
server
envoy
x-timer
S1686583836.054886,VS0,VE7
etag
W/"d8575a147caa5d789f2fd615202640d2"
x-download-options
noopen
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
sO9qEtBo27q5ykxU0PUYfOHIAKc3ZjkC5z4CzJkJHNlnXD31ZELkCg==
x-cache-hits
123, 1
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-536812-54
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 12 Jun 2023 15:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1548
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 12 Jun 2023 17:04:48 GMT
blueshift.js
cdn.getblueshift.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.getblueshift.com/blueshift.js
Requested by
Host: pro.nhs-news.com
URL: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e751514dc1d224be97ed644ada25dc382108c9d7967bafe328f5d7a176047b9c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Mon, 12 Jun 2023 14:55:53 GMT
Content-Encoding
gzip
Via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Age
2084
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2228
Last-Modified
Wed, 22 Mar 2023 02:49:08 GMT
Server
AmazonS3
ETag
"f0cb4d631149e484cf139de39318f519"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Accept-Ranges
bytes
X-Amz-Cf-Id
3v91qBRLKMSKsNbVNkUIifGc81qPvUm0-x4EsKQYwLsojiJfXqTUEg==
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2074165319&t=pageview&_s=1&dl=https%3A%2F%2Fpro.nhs-news.com%2Fp%2FNHSWARDISPLAY0423%2FPNHSZ500%2F%3Faid%3D567%26sid1%3Db768dd18c22649aa807a06172190f507%26sid2%3D618369%26sid3%3D1681%26sid4%3D9346%26sid5%3D579257%26oid%3D3740%26tid%3D10229f711bb4508a325b9f25feb4cb%26h%3Dtrue&ul=en-us&de=UTF-8&dt=A%20Private%20Message%20from%20Dr.%20Richard%20Gerhauser%2C%20M.D.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1767213198&gjid=481329948&cid=219439069.1686583836&tid=UA-536812-54&_gid=1431661850.1686583836&_r=1&gtm=457e3671&jsscut=1&z=1556696748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 15:30:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.nhs-news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2074165319&t=event&_s=1&dl=https%3A%2F%2Fpro.nhs-news.com%2Fp%2FNHSWARDISPLAY0423%2FPNHSZ500%2F%3Faid%3D567%26sid1%3Db768dd18c22649aa807a06172190f507%26sid2%3D618369%26sid3%3D1681%26sid4%3D9346%26sid5%3D579257%26oid%3D3740%26tid%3D10229f711bb4508a325b9f25feb4cb%26h%3Dtrue&ul=en-us&de=UTF-8&dt=A%20Private%20Message%20from%20Dr.%20Richard%20Gerhauser%2C%20M.D.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20Page%20Visit&ea=Visited%20%7C%20VSL%20Page&el=VSL%20Page%20https%3A%2F%2Fpro.nhs-news.com%2Fp%2FNHSWARDISPLAY0423%2FPNHSZ500%2F&_u=aEDAAUABAAAAACAAI~&jid=644450706&gjid=960977947&cid=219439069.1686583836&tid=UA-536812-54&_gid=1431661850.1686583836&_r=1&_slc=1&z=1613580104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Jun 2023 15:30:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://pro.nhs-news.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		77 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a6f05cc47bd620897c6aeb49c3d7c1ef801bf0e3efc8ec56d4b3ee99f97b515
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Origin
https://pro.nhs-news.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:36 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
204
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20671
x-served-by
cache-iad-kcgs7200106-IAD, cache-mxp6941-MXP
x-browser-version
114
last-modified
Fri, 09 Jun 2023 19:32:17 GMT
server
AmazonS3
x-timer
S1686583836.498849,VS0,VE0
etag
"65ce914a0c800a2c1dcc9b7aaaf67ef0"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
dc7e4f84dd123946d14b1a6b16a42df5f5a7be56
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
56, 13
x
distillery.wistia.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.126.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-126-149.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 12 Jun 2023 15:30:36 GMT
cache-control
max-age=0, private, must-revalidate
mput
pipedream.wistia.com/ 		2 B
136 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.88.95.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-88-95-86.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 12 Jun 2023 15:30:36 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
allIntegrations.js
fast.wistia.com/assets/external/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
Origin
https://pro.nhs-news.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 15:30:37 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
238
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5665
x-served-by
cache-iad-kiad7000126-IAD, cache-mxp6941-MXP
x-browser-version
114
last-modified
Fri, 09 Jun 2023 19:32:17 GMT
server
AmazonS3
x-timer
S1686583838.501037,VS0,VE0
etag
"f54e46db7629001fd15d04d689f324fc"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
dc7e4f84dd123946d14b1a6b16a42df5f5a7be56
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46, 9
unity.gif
api.getblueshift.com/ 		42 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.getblueshift.com/unity.gif?t=1686583838&e=pageload&r=&z=565900&x=767c8ad81f2bd98bd1d57c4bf14e7c4e&k=cc66d44a-e327-f60d-45be-06ccd14130df&u=https%3A%2F%2Fpro.nhs-news.com%2Fp%2FNHSWARDISPLAY0423%2FPNHSZ500%2F%3Faid%3D567%26sid1%3Db768dd18c22649aa807a06172190f507%26sid2%3D618369%26sid3%3D1681%26sid4%3D9346%26sid5%3D579257%26oid%3D3740%26tid%3D10229f711bb4508a325b9f25feb4cb%26h%3Dtrue
Requested by
Host: cdn.getblueshift.com
URL: https://cdn.getblueshift.com/blueshift.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.218.190.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-218-190-224.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid=567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://pro.nhs-news.com
date
Mon, 12 Jun 2023 15:30:37 GMT
access-control-expose-headers
etag
content-length
42
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
image/gif

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| __attachEventHandler function| __detachEventHandler function| __addUnloadEvent function| __sendAjaxPost function| __urlParameters function| __setCookie function| __getCookie function| __getByClassName number| __subscribeNowDelay function| __showElements object| __subscribeNowElements function| __showSubscribeNow object| dataLayer function| $ function| jQuery function| _extends function| _typeof function| LazyLoad string| disclaimWording string| adWord string| astDisclaim object| noSpace function| get_url_parameter boolean| isMobile object| goa function| gtag undefined| firstname undefined| email function| popOff function| stepOff function| advertOn function| disclaimOn function| disclaimOn_2 function| copySwap function| innerDisc function| videoDisc function| Cookies string| pubpromo object| Lazy object| aboutPage string| channelPromocode string| videoBar string| videoId string| vidClass object| _wq object| popupWindow function| positionedPopup string| popMatch boolean| vslDisclaim string| pagename string| exitPage function| exitPages function| shutDown string| ua number| trident number| msie boolean| containerLoaded object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia string| _wistiaElemId object| wistiaEmbeds object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external string| _blueshiftid object| blueshift string| pixelURL string| pagenumber string| tid undefined| trackid undefined| source undefined| trackPixel object| gaplugins object| gaGlobal object| gaData string| req

14 Cookies

Domain/Path Name / Value
pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500 Name: https://pro.nhs-news.com/p/NHSWARDISPLAY0423/PNHSZ500/?aid
Value: 567&sid1=b768dd18c22649aa807a06172190f507&sid2=618369&sid3=1681&sid4=9346&sid5=579257&oid=3740&tid=10229f711bb4508a325b9f25feb4cb&h=true=visited
.rev-stripe.com/ Name: eid2707
Value: b768dd18c22649aa807a06172190f507
tracking.nmhfiles.com/ Name: enc_aff_session_3740
Value: ENC0359ce15eb2f98d86f632640084b5cca83ae3638d31a98fda418579dd88f23207d23526e3c61aa1d98a4faec9ff5fc56145c229c10c36012da13a0febd5ce448af0cb68644eb95df8662d3707a46964858d1320dd6e574c68b07fcc26ab8d84fb994ac7a9c70be3ebf34af084cc6dc10e7161684459e16e2f4066a2b2e6a21c39d8d493ab316f96861f0343750e21f48ca709530f69cf98ad73e321fa959da6f092c326356
tracking.nmhfiles.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMTQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTA2IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJpdC1JVCxpdDtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pro.nhs-news.com/ Name: 1483001
Value: 2600209
pro.nhs-news.com/ Name: BIGipServerIRIS_PROD_HTTPS_POOL
Value: !B4fE25/xiQpubVoOWwzodhrFVebKMDCU//GXTXyvWeJYP0ps0Ps+oNQ+ZB3Nj2nLJ1WifEYRJUENBpo=
pro.nhs-news.com/ Name: PNHSZ500
Value:
.nhs-news.com/ Name: _ga
Value: GA1.2.219439069.1686583836
.nhs-news.com/ Name: _gid
Value: GA1.2.1431661850.1686583836
.nhs-news.com/ Name: _gat_gtag_UA_536812_54
Value: 1
.pro.nhs-news.com/ Name: _ga
Value: GA1.3.219439069.1686583836
.pro.nhs-news.com/ Name: _gid
Value: GA1.3.1431661850.1686583836
.pro.nhs-news.com/ Name: _gat
Value: 1
.pro.nhs-news.com/ Name: _bs
Value: cc66d44a-e327-f60d-45be-06ccd14130df

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getblueshift.com
cdn.getblueshift.com
click.pstmrk.it
d2ne8nk5ac9hp7.cloudfront.net
distillery.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
naturalhealthresponse.com
pipedream.wistia.com
pro.nhs-news.com
rs-stripe.123cards.net
tr.rev-stripe.com
tracking.nmhfiles.com
www.google-analytics.com
www.googletagmanager.com
13.224.189.67
161.129.26.17
20.225.97.235
2600:9000:223e:2c00:1:fd01:76c0:21
2a00:1450:4001:80b::2008
2a00:1450:4001:812::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a04:4e42:200::622
3.220.126.149
3.248.144.158
3.88.95.86
34.218.190.224
34.224.187.113
34.241.190.78
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
29cb020419d8670323588a5982eb9421538c3c474186c1fea3fd8de096eaf1c4
4a6f05cc47bd620897c6aeb49c3d7c1ef801bf0e3efc8ec56d4b3ee99f97b515
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c510913c05bfb8d51f9a81aa118a3d810a048ea628dfaabd87255fe961b0011
655d882dec8bf29e240bd6baa25bb787d70ba22d8b71fd24c69c17b34e7219f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76da42e6be57ca26a2478eeef86bfb91f436db57a1c2918ffcb76f13561e6d2b
7d73c28e3a160457930c46af524a965ee92e9e7ef8786ed44e69fdb5c9b94a18
809a6bdcc35b316bf93316955e29816c41204f9bcc5fefb53d8a075bba2ee6ac
86034bbe69eebb0c08660ff7f0128dd0bd1d852176489ca3a3da7b49bd647cbd
8d9c358cad9e7438667a48cdef7da25c06d40b5d9464f33bb35b91220f5a7132
8e4e3b4e198e69db44e6f811e85dcc2b3aebd6cc098c7883bdca7667ebefb0c8
8fb5fac71b40938d2a52abeac77808f717d01fe95b6785e06844144b88ccd109
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9368931932c826d429e81e8675978732f967c74416b20dcfd942332fbccf47de
9744295968958067fe89b9f16853210b780603a608f25c2ff4cc1a66b47adb1e
a9eb4e085f6b27f57845b756f5500cd0559cd9f6c23183b860f439b23bd5789d
ad15f16e540b65f0dc10e4f6055a570d2f6b704be17e62b365dfb272219b1df8
b3a2cd4686203d52cc80d23d422f51c312b38522af363f1a4bc411ba5b675850
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d8575a147caa5d789f2fd615202640d2f03fa538c5506915e7a7ca4be2d85a30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e751514dc1d224be97ed644ada25dc382108c9d7967bafe328f5d7a176047b9c
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ee14b6ea5c1a2ffa79d14feb79480d0ff5a1ffd6040fe42d2a4e4bf0b8c6d7
f80e9edf2818033208ea344b6b90092ce25976d17893e28b9aeb6f5419f1fafb
f8bd4ae45455c3bf7044ab116888bb38e8677e2e04cbef0be79f09ea1896502a