innovation.nhs.uk Open in urlscan Pro
20.90.168.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://innovation.nhs.uk/
Effective URL:
https://innovation.nhs.uk/
Submission: On April 23 via api (April 23rd 2024, 8:40:27 pm UTC) from US — Scanned from GB

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 20.90.168.75, located in London, United Kingdom and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is innovation.nhs.uk.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 19th 2023. Valid for: a year.

This is the only time innovation.nhs.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	20.90.168.75 20.90.168.75	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.23.65.148 2.23.65.148	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2

13 20.90.168.75 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

innovation.nhs.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.65.148 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-65-148.deploy.static.akamaitechnologies.com

assets.nhs.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	innovation.nhs.uk innovation.nhs.uk	254 KB
2	assets.nhs.uk assets.nhs.uk — Cisco Umbrella Rank: 46540	35 KB
15	2

	Domain	Requested by
13	innovation.nhs.uk	innovation.nhs.uk
2	assets.nhs.uk	innovation.nhs.uk
15	2

This site contains no links.

Subject Issuer	Validity	Valid
*.innovation.nhs.uk Sectigo RSA Organization Validation Secure Server CA	`2023-04-19` - `2024-05-19`	a year	crt.sh
www.nhs.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://innovation.nhs.uk/
Frame ID: 64191460645AD6725840E650CEFE2C52
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your gateway to innovation in the NHS - Innovation Service Your gateway to innovation in the NHS

Page URL History Show full URLs

http://innovation.nhs.uk/ HTTP 307
https://innovation.nhs.uk/ Page URL

Page Statistics

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

271 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://innovation.nhs.uk/ HTTP 307
https://innovation.nhs.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
innovation.nhs.uk/
Redirect Chain

http://innovation.nhs.uk/
https://innovation.nhs.uk/

35 KB
36 KB

522ms
369ms

Document
text/html

20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7291098190da184925d1ec8cb29cfb6abef3c0c4ec8d2143c92ff753192763ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35899
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Content-Type: text/html; charset=utf-8
Cross-Origin-Opener-Policy: same-origin
Date: Tue, 23 Apr 2024 20:40:22 GMT
Referrer-Policy: same-origin
Strict-Transport-Security: max-age=31536000
Vary: Cookie
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Redirect headers

Location: https://innovation.nhs.uk/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK nhsuk.min.35d954149046.css
innovation.nhs.uk/static/wagtailnhsukfrontend/css/ 101 KB
102 KB 56ms
54ms Stylesheet
text/css 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/wagtailnhsukfrontend/css/nhsuk.min.35d954149046.css

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a72900690b57bf20fd2f7338496a56dcb7772d2bb19406a2aa37192dd8afdb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: text/css
Content-Disposition: inline; filename="nhsuk.min.35d954149046.css"
Connection: keep-alive
Content-Length: 103346

GET
H/1.1 200
OK output.2b997a1aa695.css
innovation.nhs.uk/static/CACHE/css/ 13 KB
14 KB 151ms
48ms Stylesheet
text/css 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/CACHE/css/output.2b997a1aa695.css

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2b997a1aa69553e0b61587cddfd4064e3dbac0fb503dfbd7be309846a80f4945

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:18 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: text/css
Content-Disposition: inline; filename="output.2b997a1aa695.css"
Connection: keep-alive
Content-Length: 12987

GET
H/1.1 200
OK cookies_helper.2d5bebb7dc30.js Show response
innovation.nhs.uk/static/js/ 1 KB
3 KB 162ms
38ms Script
application/javascript 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/js/cookies_helper.2d5bebb7dc30.js

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

bb1b61ea7c890d124213f2b382030d5b34f7bd20ff405238ca24d7e01c1c1ec1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Disposition: inline; filename="cookies_helper.2d5bebb7dc30.js"
Connection: keep-alive
Content-Length: 1483

GET
H/1.1 200
OK analytics.cba89af8ff7d.js Show response
innovation.nhs.uk/static/js/ 1 KB
3 KB 170ms
46ms Script
application/javascript 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/js/analytics.cba89af8ff7d.js

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80379b722aea45c58b145531f9217a4a1210b1d41328e6082293923785c4535a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Disposition: inline; filename="analytics.cba89af8ff7d.js"
Connection: keep-alive
Content-Length: 1454

GET
H/1.1 200
OK AAC_Partnership_Logo_Final_On_Dark.max-250x250.png
innovation.nhs.uk/media/images/ 13 KB
14 KB 232ms
108ms Image
image/png 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://innovation.nhs.uk/media/images/AAC_Partnership_Logo_Final_On_Dark.max-250x250.png

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

67e0de72a1c249d9bb439c5a08e149b9e077a57b6ad919004cc0a21df9b2c5a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Thu, 30 Mar 2023 15:27:34 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/png
Content-Disposition: inline; filename="AAC_Partnership_Logo_Final_On_Dark.max-250x250.png"
Connection: keep-alive
Content-Length: 13163

GET
H/1.1 200
OK ai-generated-8608192_1280.2e16d0ba.fill-400x300.jpg
innovation.nhs.uk/media/images/ 16 KB
18 KB 218ms
92ms Image
image/jpeg 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://innovation.nhs.uk/media/images/ai-generated-8608192_1280.2e16d0ba.fill-400x300.jpg

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8d9e1166b585ab0ec941644ae5ed248d229ba3c2a28748e4fd83e0224b4cd2b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Tue, 05 Mar 2024 16:57:54 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/jpeg
Content-Disposition: inline; filename="ai-generated-8608192_1280.2e16d0ba.fill-400x300.jpg"
Connection: keep-alive
Content-Length: 16671

GET
H/1.1 200
OK figure-1691868_1280.2e16d0ba.fill-400x300.jpg
innovation.nhs.uk/media/images/ 10 KB
12 KB 69ms
68ms Image
image/jpeg 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://innovation.nhs.uk/media/images/figure-1691868_1280.2e16d0ba.fill-400x300.jpg

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ee57aa49324de8e9ef299efe47ec8c677f6e7f635f086a2fe146589b7b10d0b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Jan 2024 10:54:23 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/jpeg
Content-Disposition: inline; filename="figure-1691868_1280.2e16d0ba.fill-400x300.jpg"
Connection: keep-alive
Content-Length: 10705

GET
H/1.1 200
OK robina-weermeijer-igwG8aIaypo-unsp.2e16d0ba.fill-400x300.jpg
innovation.nhs.uk/media/images/ 25 KB
26 KB 108ms
107ms Image
image/jpeg 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://innovation.nhs.uk/media/images/robina-weermeijer-igwG8aIaypo-unsp.2e16d0ba.fill-400x300.jpg

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1cd2ef91346aafd071c1ecd167290a28412860b27c70a0df083ac6e29ae2c1bf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Mon, 31 Jul 2023 15:13:44 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/jpeg
Content-Disposition: inline; filename="robina-weermeijer-igwG8aIaypo-unsp.2e16d0ba.fill-400x300.jpg"
Connection: keep-alive
Content-Length: 25556

GET
H/1.1 200
OK nhsuk.min.8d956fa1b9dc.js Show response
innovation.nhs.uk/static/wagtailnhsukfrontend/js/ 6 KB
8 KB 43ms
42ms Script
application/javascript 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/wagtailnhsukfrontend/js/nhsuk.min.8d956fa1b9dc.js

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

43717e5f26b3913327f43ae641b3d170aafbdc6b4efd0926a04911a822fb06d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Disposition: inline; filename="nhsuk.min.8d956fa1b9dc.js"
Connection: keep-alive
Content-Length: 6460

GET
H/1.1 200
OK scripts.654ea7753c23.js Show response
innovation.nhs.uk/static/js/ 3 KB
4 KB 61ms
61ms Script
application/javascript 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/js/scripts.654ea7753c23.js

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cd8af06dc192f883f92a91ecacdef24c5b78b1b86c5841c3fcd6eb27b4a5fcde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: application/javascript
Content-Disposition: inline; filename="scripts.654ea7753c23.js"
Connection: keep-alive
Content-Length: 2625

GET
H2 200 FrutigerLTW01-55Roman.woff2
assets.nhs.uk/fonts/ 17 KB
18 KB 236ms
71ms Font
application/octet-stream 2.23.65.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-55Roman.woff2

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/static/wagtailnhsukfrontend/css/nhsuk.min.35d954149046.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.65.148 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-65-148.deploy.static.akamaitechnologies.com

Software

Resource Hash

886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://innovation.nhs.uk
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Apr 2024 20:40:22 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000
x-azure-ref-originshield: 0acATZAAAAAD42jyoDMjgSooI16h/eLvlRlJBMjMxMDUwNDE4MDE3ADZjY2M3OTcwLTkyY2QtNGIzZi1hMTQ3LWYzMGEzODI0YzFkMg==
content-md5: lRIDEWIJgHewKikdW/afDg==
content-length: 17312
x-ms-lease-status: unlocked
last-modified: Tue, 09 Apr 2019 10:17:13 GMT
etag: 0x8D6BCD488B0257A
x-azure-ref: 0acATZAAAAABA37CStFMjSq+g2R9oWTM9RlJBMzFFREdFMDQxMAA2Y2NjNzk3MC05MmNkLTRiM2YtYTE0Ny1mMzBhMzgyNGMxZDI=
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 50d90af9-b01e-0026-156e-5833f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2628288
x-ms-version: 2009-09-19
expires: Fri, 24 May 2024 06:45:10 GMT

GET
H/1.1 200
OK is-banner-02-1440x135.original.jpg
innovation.nhs.uk/media/images/ 9 KB
10 KB 109ms
80ms Image
image/jpeg 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://innovation.nhs.uk/media/images/is-banner-02-1440x135.original.jpg

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

45bd919d6af920dfbcb2d5717616588e3c233cfc9c918828f2c0931f150233e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Thu, 09 Feb 2023 15:14:58 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/jpeg
Content-Disposition: inline; filename="is-banner-02-1440x135.original.jpg"
Connection: keep-alive
Content-Length: 9149

GET
H2 200 FrutigerLTW01-65Bold.woff2
assets.nhs.uk/fonts/ 17 KB
17 KB 218ms
53ms Font
application/octet-stream 2.23.65.148
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.nhs.uk/fonts/FrutigerLTW01-65Bold.woff2

Requested by

Host: innovation.nhs.uk
URL: https://innovation.nhs.uk/static/wagtailnhsukfrontend/css/nhsuk.min.35d954149046.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.23.65.148 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-65-148.deploy.static.akamaitechnologies.com

Software

Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://innovation.nhs.uk
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 23 Apr 2024 20:40:22 GMT
strict-transport-security: max-age=63072000
content-md5: OPdl6/MQFVFaVJuAqOKjeg==
content-length: 17216
x-ms-lease-status: unlocked
last-modified: Tue, 09 Apr 2019 10:17:14 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D6BCD48962A5B8
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 80dbecb9-701e-005d-4547-ce5841000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=2628288
x-ms-version: 2009-09-19
x-datastream-cache-status: 1
expires: Fri, 24 May 2024 06:45:10 GMT

GET
H/1.1 200
OK favicon.15a5044def06.png
innovation.nhs.uk/static/wagtailnhsukfrontend/favicons/ 3 KB
4 KB 40ms
39ms Other
image/png 20.90.168.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation.nhs.uk/static/wagtailnhsukfrontend/favicons/favicon.15a5044def06.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.90.168.75 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e99d1a296562277cf27c5c444b968923216131cf796c6a76092b8f43ef17b52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://innovation.nhs.uk/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 23 Apr 2024 20:40:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Last-Modified: Wed, 10 Apr 2024 16:08:12 GMT
Cross-Origin-Opener-Policy: same-origin
Content-Security-Policy: default-src 'self' https://*.hotjar.io https://*.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; connect-src 'self' https://*.google-analytics.com http://*.hotjar.com:* https://*.hotjar.com:* http://*.hotjar.io https://*.hotjar.io wss://*.hotjar.com; frame-src 'self' https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://*.hotjar.com http://*.hotjar.com https://*.hotjar.com http://*.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
X-Frame-Options: DENY
Content-Type: image/png
Content-Disposition: inline; filename="favicon.15a5044def06.png"
Connection: keep-alive
Content-Length: 3095

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			innovation.nhs.uk/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinityCORS Value: 0c7e187549e35c9cf4e5887aaa57e6b0
			innovation.nhs.uk/	1969-12-31 23:59:59	Name: ApplicationGatewayAffinity Value: 0c7e187549e35c9cf4e5887aaa57e6b0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.hotjar.io https://.hotjar.com https://assets.nhs.uk data:; img-src 'self' data: https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io; script-src 'self' https://www.google-analytics.com https://www.googletagmanager.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://.hotjar.io 'unsafe-inline'; connect-src 'self' https://.google-analytics.com http://.hotjar.com:* https://.hotjar.com: http://.hotjar.io https://.hotjar.io wss://.hotjar.com; frame-src 'self' https://.hotjar.com http://.hotjar.io https://.hotjar.io; style-src 'self' 'unsafe-inline' ; form-action 'self' https://.hotjar.com http://.hotjar.com https://.hotjar.com http://.hotjar.io https://*.hotjar.io 'unsafe-inline'; frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.nhs.uk
innovation.nhs.uk
2.23.65.148
20.90.168.75
1cd2ef91346aafd071c1ecd167290a28412860b27c70a0df083ac6e29ae2c1bf
2b997a1aa69553e0b61587cddfd4064e3dbac0fb503dfbd7be309846a80f4945
2e99d1a296562277cf27c5c444b968923216131cf796c6a76092b8f43ef17b52
43717e5f26b3913327f43ae641b3d170aafbdc6b4efd0926a04911a822fb06d8
45bd919d6af920dfbcb2d5717616588e3c233cfc9c918828f2c0931f150233e3
4a72900690b57bf20fd2f7338496a56dcb7772d2bb19406a2aa37192dd8afdb8
67e0de72a1c249d9bb439c5a08e149b9e077a57b6ad919004cc0a21df9b2c5a6
7291098190da184925d1ec8cb29cfb6abef3c0c4ec8d2143c92ff753192763ad
80379b722aea45c58b145531f9217a4a1210b1d41328e6082293923785c4535a
886f640d4cb31c0114351f25e5eeba98b79e7ae405fcc2ca50aac6ed79ff8995
8d9e1166b585ab0ec941644ae5ed248d229ba3c2a28748e4fd83e0224b4cd2b1
bb1b61ea7c890d124213f2b382030d5b34f7bd20ff405238ca24d7e01c1c1ec1
cd8af06dc192f883f92a91ecacdef24c5b78b1b86c5841c3fcd6eb27b4a5fcde
d7a61b8131c25f4f7949162fcf342c8ba52b0257756aaacf23aa948f0403c842
ee57aa49324de8e9ef299efe47ec8c677f6e7f635f086a2fe146589b7b10d0b9

innovation.nhs.uk Open in urlscan Pro 20.90.168.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

289 kBTransfer

271 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

innovation.nhs.uk Open in urlscan Pro
20.90.168.75 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

289 kB
Transfer

271 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions