www.nuffieldhealth.com Open in urlscan Pro
104.20.51.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nuffieldhealth.com/mybenefits
Submission: On February 02 via api (February 2nd 2021, 9:11:21 am UTC) from GB

Summary HTTP 41 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 16 domains to perform 41 HTTP transactions. The main IP is 104.20.51.156, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nuffieldhealth.com.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on January 12th 2021. Valid for: a year.

This is the only time www.nuffieldhealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	104.20.51.156 104.20.51.156	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.7.122 65.9.7.122	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.78.14 13.225.78.14	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	65.9.67.230 65.9.67.230	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.185.81.62 18.185.81.62	16509 (AMAZON-02) (AMAZON-02)
3	185.19.40.106 185.19.40.106	61001 (RTAP10010...) (RTAP100100-RIPE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	13.224.194.56 13.224.194.56	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.200.46.211 52.200.46.211	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.194.78 13.224.194.78	16509 (AMAZON-02) (AMAZON-02)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	143.204.93.43 143.204.93.43	16509 (AMAZON-02) (AMAZON-02)
41	19

10 104.20.51.156 (United States)

ASN13335 (CLOUDFLARENET, US)

www.nuffieldhealth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static-ssl.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-14.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

8128413.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.230 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d2oh4tlt9mrke9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.13 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.81.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-81-62.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.19.40.106 (United Kingdom)

ASN61001 (RTAP100100-RIPE, GB)
PTR: 185-19-40-106.rdns.rtap.net

metrics.responsetap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.56 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-56.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.46.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-46-211.compute-1.amazonaws.com

ws.sessioncam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-78.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.93.43 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-43.fra50.r.cloudfront.net

bppmdmxgsg.execute-api.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	nuffieldhealth.com www.nuffieldhealth.com	433 KB
4	facebook.com www.facebook.com	757 B
4	doubleclick.net 2 redirects 8128413.fls.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
4	google-analytics.com www.google-analytics.com	62 KB
4	responsetap.com static-ssl.responsetap.com metrics.responsetap.com	10 KB
4	googleapis.com maps.googleapis.com	124 KB
3	facebook.net connect.facebook.net	161 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
1	amazonaws.com bppmdmxgsg.execute-api.eu-west-1.amazonaws.com	524 B
1	sessioncam.com ws.sessioncam.com	433 B
1	google.de www.google.de	505 B
1	google.com www.google.com	107 B
1	mediaiqdigital.com pixel.mediaiqdigital.com	501 B
1	cloudfront.net d2oh4tlt9mrke9.cloudfront.net	59 KB
1	googletagmanager.com www.googletagmanager.com	73 KB
41	16

	Domain	Requested by
10	www.nuffieldhealth.com	www.nuffieldhealth.com
4	www.facebook.com	www.nuffieldhealth.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.nuffieldhealth.com
4	maps.googleapis.com	www.nuffieldhealth.com maps.googleapis.com
3	metrics.responsetap.com	static-ssl.responsetap.com
3	connect.facebook.net	www.nuffieldhealth.com connect.facebook.net
2	secure.adnxs.com	2 redirects
2	8128413.fls.doubleclick.net	1 redirects www.googletagmanager.com
1	bppmdmxgsg.execute-api.eu-west-1.amazonaws.com	www.nuffieldhealth.com
1	cm.g.doubleclick.net	1 redirects
1	vars.hotjar.com	static.hotjar.com
1	ws.sessioncam.com	d2oh4tlt9mrke9.cloudfront.net
1	script.hotjar.com	static.hotjar.com
1	www.google.de	www.nuffieldhealth.com
1	www.google.com	www.nuffieldhealth.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pixel.mediaiqdigital.com	www.nuffieldhealth.com
1	d2oh4tlt9mrke9.cloudfront.net	www.nuffieldhealth.com
1	static.hotjar.com	www.googletagmanager.com
1	static-ssl.responsetap.com	www.nuffieldhealth.com
1	www.googletagmanager.com	www.nuffieldhealth.com
41	21

This site contains links to these domains. Also see Links.

Domain
shop.nuffieldhealth.com
www.abellioseasontickets.com
www.youtube.com
247.nuffieldhealth.com
www.perksatwork.com
mynuffieldhealth.sharepoint.com
www.nuffieldhealthcareers.com

Subject Issuer	Validity	Valid
www.nuffieldhealth.com GlobalSign RSA OV SSL CA 2018	`2021-01-12` - `2022-02-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
static-ssl.responsetap.com Amazon	`2020-03-10` - `2021-04-10`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.mediaiqdigital.com Amazon	`2020-05-11` - `2021-06-10`	a year	crt.sh
*.responsetap.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-04` - `2021-03-01`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
ws.sessioncam.com Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
*.execute-api.eu-west-1.amazonaws.com Amazon	`2020-09-13` - `2021-10-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.nuffieldhealth.com/mybenefits
Frame ID: 613FDEC0926EAF0DEABEF979EA286AE7
Requests: 39 HTTP requests in this frame

Frame: https://8128413.fls.doubleclick.net/activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits
Frame ID: 5B7F8B5A12C496BB2012472B74460FFA
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: B724B42DA5FEA5291C28456D867DAA8E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

41
Requests

100 %
HTTPS

38 %
IPv6

16
Domains

21
Subdomains

19
IPs

6
Countries

989 kB
Transfer

3305 kB
Size

16
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.nuffieldhealth.com/
Title: Our Shop

Search URL Search Domain Scan URL

URL: https://www.abellioseasontickets.com/tickets/nuffield-health
Title: Abellio Corporate Travel

Search URL Search Domain Scan URL

URL: https://www.youtube.com/playlist?list=PLl_Z23niMfiO460HQYGzA9z7jey7nqEr2
Title: YouTube

Search URL Search Domain Scan URL

URL: https://247.nuffieldhealth.com/browse
Title: Nuffield Health 24/7

Search URL Search Domain Scan URL

URL: https://www.perksatwork.com/login
Title: Offers & Discounts platform

Search URL Search Domain Scan URL

URL: https://mynuffieldhealth.sharepoint.com/Pages/SilverCloud-%E2%80%93-Your-free-wellbeing-support-programme.aspx
Title: SilverCloud

Search URL Search Domain Scan URL

URL: http://www.nuffieldhealthcareers.com/
Title: Careers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://8128413.fls.doubleclick.net/activityi;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits HTTP 302
https://8128413.fls.doubleclick.net/activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits

Request Chain 17

https://secure.adnxs.com/px?id=1146187&seg=18813426&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dhttps%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%26u3%3D%26u4%3D%26pixel_id%3D1146187%26uid%3D%24%7BUID%7D&t=2&gtmcb=380669567 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1146187%26seg%3D18813426%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253Dhttps%253A%252F%252Fwww.nuffieldhealth.com%252Fmybenefits%2526u3%253D%2526u4%253D%2526pixel_id%253D1146187%2526uid%253D%2524%257BUID%257D%26t%3D2%26gtmcb%3D380669567 HTTP 302
https://pixel.mediaiqdigital.com/pixel?u1=https://www.nuffieldhealth.com/mybenefits&u3=&u4=&pixel_id=1146187&uid=2319155593750659391

Request Chain 32

https://cm.g.doubleclick.net/pixel?google_nid=responsetap_dmp&cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_cm HTTP 302
https://bppmdmxgsg.execute-api.eu-west-1.amazonaws.com/prod/dcm?cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_gid=CAESEO45oMY6th2ZkQALAPGMOus&google_cver=1

41 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mybenefits Show response
www.nuffieldhealth.com/ 53 KB
14 KB 356ms
275ms Document
text/html 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db9e8d72c2e1ac2a0545f1cb8d07291a7877d1a8b8cedaed35a975e38e74ab3

Request headers

:method: GET
:authority: www.nuffieldhealth.com
:scheme: https
:path: /mybenefits
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=dd1f04bcc38a921b37029839c0a7f54b91612257063; expires=Thu, 04-Mar-21 09:11:03 GMT; path=/; domain=.nuffieldhealth.com; HttpOnly; SameSite=Lax
x-ua-compatible: IE=edge,chrome=1 IE=edge,chrome=1
expires: Tue, 02 Feb 2021 09:11:02 GMT
cache-control: no-cache
x-proxy-cache: STALE
content-encoding: gzip
vary: Accept-Encoding
x-varnish: 36940551
age: 0
via: 1.1 varnish-v4
accept-ranges: bytes
cf-cache-status: DYNAMIC
cf-request-id: 08039b8ac000001d060406b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 61b2c8579e4c1d06-CPH

GET
H2 200 AvenirLTStd-Light-bac7aa3c.woff
www.nuffieldhealth.com/assets/dist/fonts/ 28 KB
29 KB 30ms
30ms Font
application/font-woff 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/fonts/AvenirLTStd-Light-bac7aa3c.woff
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4cf25f3a408e0ad72c55a4d01d10fa2f0e2f7d482f67c60b17c5f1f55643f7

Request headers

Origin: https://www.nuffieldhealth.com
Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 7961581
content-encoding: gzip
cf-request-id: 08039b8bd600001d065905b000000001
x-varnish: 1708161
last-modified: Thu, 22 Oct 2020 12:46:11 GMT
server: cloudflare
etag: W/"5f917f13-71c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
cf-ray: 61b2c8595b941d06-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AvenirLTStd-Roman-128d9b86.woff
www.nuffieldhealth.com/assets/dist/fonts/ 29 KB
29 KB 73ms
72ms Font
application/font-woff 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/fonts/AvenirLTStd-Roman-128d9b86.woff
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4c8cee5e036f072bdd40d188da72abda9099da2a5969368fd65d0ee7346e6d

Request headers

Origin: https://www.nuffieldhealth.com
Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 8132527
content-encoding: gzip
cf-request-id: 08039b8bd600001d062ebf1000000001
x-varnish: 3639567
last-modified: Thu, 22 Oct 2020 12:46:11 GMT
server: cloudflare
etag: W/"5f917f13-733c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
cf-ray: 61b2c8595b971d06-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AvenirLTStd-Black-280891c6.woff
www.nuffieldhealth.com/assets/dist/fonts/ 28 KB
29 KB 67ms
67ms Font
application/font-woff 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/fonts/AvenirLTStd-Black-280891c6.woff
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f09ed254e5686a28391406c6ba905d3ca4981f0ac0bc2760d90dbe2b7967bf

Request headers

Origin: https://www.nuffieldhealth.com
Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 8157663
content-encoding: gzip
cf-request-id: 08039b8bd700001d063f84f000000001
x-varnish: 855569
last-modified: Thu, 22 Oct 2020 12:46:11 GMT
server: cloudflare
etag: W/"5f917f13-717c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
cf-ray: 61b2c8595b981d06-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-26f03929.css
www.nuffieldhealth.com/assets/dist/css/ 425 KB
57 KB 41ms
41ms Stylesheet
text/css 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/css/application-26f03929.css
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec54a0f34be4fbefed86a8557fae8638a3fcaae575af0c6dd9c6f0417579aa7a

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5243382
cf-ray: 61b2c8595b9d1d06-CPH
cf-request-id: 08039b8bd700001d066cbcc000000001
access-control-allow-origin: *
last-modified: Thu, 03 Dec 2020 14:17:54 GMT
server: cloudflare
etag: W/"5fc8f392-6a57f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2265081
via: 1.1 varnish-v4
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 127 KB
41 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=gme-nuffieldhealthltd1&hl=en&libraries=places

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

2ec5f5884ac67f0761f78f6ca2ace7d9786ed9d00683d39a78ada1e9b8fdf360

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=9
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42219
x-xss-protection: 0
expires: Tue, 02 Feb 2021 09:41:03 GMT

GET
H2 200 application.min-cf8bf882.js Show response
www.nuffieldhealth.com/assets/dist/javascript/ 640 KB
197 KB 77ms
76ms Script
application/javascript 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/javascript/application.min-cf8bf882.js
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9faf6058b1b1b1c1932d6251089b1ee2ae390f3170e061dac341d32b6e63e909

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5243382
cf-ray: 61b2c8595b9e1d06-CPH
cf-request-id: 08039b8bd700001d0612241000000001
access-control-allow-origin: *
last-modified: Thu, 03 Dec 2020 14:17:54 GMT
server: cloudflare
etag: W/"5fc8f392-a0098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1833302
via: 1.1 varnish-v4
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_inverse.svg
www.nuffieldhealth.com/assets/dist/images/ 10 KB
4 KB 33ms
32ms Image
image/svg+xml 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nuffieldhealth.com/assets/dist/images/logo_inverse.svg
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5550142c6d37271423db429bc866b8a95a70dcf12ad214d0a0983ea0647f649c

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 173
cf-ray: 61b2c859dcf11d06-CPH
cf-request-id: 08039b8c2800001d06822b9000000001
access-control-allow-origin: *
last-modified: Fri, 04 Dec 2020 13:10:40 GMT
server: cloudflare
etag: W/"5fca3550-2723"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1888411
via: 1.1 varnish-v4
cache-control: max-age=600, stale-while-revalidate=604800, stale-if-error=604800
content-type: image/svg+xml
expires: Tue, 02 Feb 2021 09:18:10 GMT

GET
H2 200 my-benefits-green-clear-background.png
www.nuffieldhealth.com/local/0e/62/574cd3f64b2eaf0e2156d2a792e4/ 70 KB
70 KB 172ms
172ms Image
image/png 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.nuffieldhealth.com/local/0e/62/574cd3f64b2eaf0e2156d2a792e4/my-benefits-green-clear-background.png
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a055efd26b265ee9a6da5872202053b6cfb140df3e794130f5c546b1e3612d33

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
content-length: 71729
cf-request-id: 08039b8c4000001d065722e000000001
x-varnish: 53663131
last-modified: Thu, 14 Jan 2016 13:49:49 GMT
server: cloudflare
etag: "5697a77d-11831"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
cf-ray: 61b2c85a0d491d06-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 394 KB
73 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T63L6W

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cfe7239a32006642a8c33e59fbfe1cf53f0f05590673276e044b6aff8ad9c0bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74457
x-xss-protection: 0
expires: Tue, 02 Feb 2021 09:11:04 GMT

GET
H2 200 nuffieldicons-d0b7a4cd.woff
www.nuffieldhealth.com/assets/dist/fonts/ 7 KB
5 KB 55ms
54ms Font
application/font-woff 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/assets/dist/fonts/nuffieldicons-d0b7a4cd.woff?g8pvkb
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/assets/dist/css/application-26f03929.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3786bba9ea5ecb1ea90491a8b9349659d38928c9ca7ed119f9254171048bff87

Request headers

Origin: https://www.nuffieldhealth.com
Referer: https://www.nuffieldhealth.com/assets/dist/css/application-26f03929.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 8101493
content-encoding: gzip
cf-request-id: 08039b8c6800001d0660a01000000001
x-varnish: 3240561
last-modified: Thu, 22 Oct 2020 12:46:11 GMT
server: cloudflare
etag: W/"5f917f13-1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=315360000, stale-while-revalidate=604800, stale-if-error=604800
cf-ray: 61b2c85a3e0b1d06-CPH
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mybenefits Show response
www.nuffieldhealth.com/ 1 B
341 B 143ms
142ms XHR
text/html 104.20.51.156
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nuffieldhealth.com/mybenefits?_context=salesforce_form
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/assets/dist/javascript/application.min-cf8bf882.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.51.156 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Accept: */*
Referer: https://www.nuffieldhealth.com/mybenefits
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 0
cf-ray: 61b2c85b69a41d06-CPH
content-length: 32
cf-request-id: 08039b8d2000001d06198a0000000001
x-ua-compatible: IE=edge,chrome=1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 54028572
via: 1.1 varnish-v4
expires: Tue, 02 Feb 2021 09:11:03 GMT
cache-control: no-cache
accept-ranges: bytes
content-type: text/html;charset=UTF-8
x-proxy-cache: HIT

GET
H2 200 rTapTrack.min.js Show response
static-ssl.responsetap.com/static/scripts/ 21 KB
8 KB 129ms
35ms Script
application/javascript 65.9.7.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/assets/dist/javascript/application.min-cf8bf882.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3704175589f591c59407a71c43759e778da43c5774a455b52a89fdcae8d59176

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 13:44:07 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 12:01:25 GMT
server: nginx
age: 70017
etag: "5f8d8015-5221"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
cache-control: public; max-age=300
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Sf-J1Qy_r8TWRSwuJeKkb_94oUAmEMTXmItp50HCYDtImPfs22XW6A==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T63L6W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 7021
date: Tue, 02 Feb 2021 07:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 02 Feb 2021 09:14:03 GMT

GET
H2 200 hotjar-486819.js Show response
static.hotjar.com/c/ 23 KB
5 KB 129ms
64ms Script
application/javascript 13.225.78.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-486819.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T63L6W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.14 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-14.fra2.r.cloudfront.net

Software

Resource Hash

b049e2fd696a14151794a1ea9a094eeb800b05e1f1d4883595a34826457639d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/f644344c2bbd5a9914d8bfbd6d74cc35
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: 89R1mtaqyERQMfd0h_vdZpGhiXSce0rVwfe1yGfH5voI7VJBks4QfQ==
via: 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)

GET
H3-Q050

200

activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=u...
8128413.fls.doubleclick.net/ Frame 5B7F
Redirect Chain

https://8128413.fls.doubleclick.net/activityi;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2...
https://8128413.fls.doubleclick.net/activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww....

0
0

111ms
71ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8128413.fls.doubleclick.net/activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T63L6W

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8128413.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nuffieldhealth.com/mybenefits
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 02 Feb 2021 09:11:04 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 422
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 02-Feb-2021 09:26:04 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 02 Feb 2021 09:11:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8128413.fls.doubleclick.net/activityi;dc_pre=CI2n9sztyu4CFVplFQgdwzIFCQ;src=8128413;type=main0;cat=nuffi0;ord=1;num=6194833218753;gtm=2wg1k0;auiddc=97583004.1612257064;u1=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits;u2=undefined;u3=undefined;u4=undefined;u7=undefined;u8=NO;~oref=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 17ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: ZXpMYkqnQwdeBNBte7e3kG2Tf53ApFogeaOknEzdYXS0/7ZzcqAYwFyfp45yF21PEYRfLF9pswtsvJWBKRqgDw==
x-fb-trip-id: 2052514463
x-frame-options: DENY
date: Tue, 02 Feb 2021 09:11:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sessioncam.recorder.js Show response
d2oh4tlt9mrke9.cloudfront.net/Record/js/ 259 KB
59 KB 113ms
36ms Script
text/javascript 65.9.67.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.230 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0f70ddd13b76384ea79cb5493e566bf60face5f0dccf12e57b757a405e1aee5

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: nRDpzAEGVX98FpgS05SC3rQHQNNDxKfD
Content-Encoding: gzip
ETag: "b453e6a540f978f059847e87592e73ac"
Age: 13066
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 59591
Last-Modified: Tue, 26 Jan 2021 14:19:02 GMT
Server: AmazonS3
Date: Tue, 02 Feb 2021 05:33:19 GMT
Content-Type: text/javascript
Via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
Cache-Control: max-age=14400
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 4eVg-h4zeHfFIkeXlT1kV5QECHuceFwAdttIVck0mM10D04uDrlJjQ==

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=1146187&seg=18813426&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3Fu1%3Dhttps%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%26u3%3D%26u4%3D%26pixel_id%3D114618...
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1146187%26seg%3D18813426%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253Fu1%253Dhttps%253A%252F%252Fwww.nuffieldhealth.com%252Fmybe...
https://pixel.mediaiqdigital.com/pixel?u1=https://www.nuffieldhealth.com/mybenefits&u3=&u4=&pixel_id=1146187&uid=2319155593750659391

2 B
501 B

138ms
33ms

Image
application/json

18.185.81.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mediaiqdigital.com/pixel?u1=https://www.nuffieldhealth.com/mybenefits&u3=&u4=&pixel_id=1146187&uid=2319155593750659391

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.185.81.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-81-62.eu-central-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:11:04 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Tue, 02 Feb 2021 09:11:04 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 729.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.68:80
AN-X-Request-Uuid: 62cbdb28-59c3-4c9a-827f-0b637eb29196
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?u1=https://www.nuffieldhealth.com/mybenefits&u3=&u4=&pixel_id=1146187&uid=2319155593750659391
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
393 B 47ms
14ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=528992695&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&ul=en-us&de=UTF-8&dt=My%20Benefits%20%7C%20Nuffield%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEADQAAAAC~&jid=2142479751&gjid=1805602070&cid=1817887199.1612257064&uid=&tid=UA-1566310-2&_gid=676328202.1612257064&_r=1&gtm=2wg1k0T63L6W&cd4=NO&cd5=&cd7=&cd8=273&z=268267554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:11:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nuffieldhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 133 KB
44 KB 51ms
41ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-53R8D2T&t=gtm12&cid=1817887199.1612257064

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8912206ec4aa33b8dbab97d4ccf67ca522fc4b44dc93a5a7d1945aad24d9c91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44373
x-xss-protection: 0
expires: Tue, 02 Feb 2021 09:11:04 GMT

GET
H/1.1 200
OK numberReplacement.json;jsessionid= Show response
metrics.responsetap.com/track/ 474 B
695 B 246ms
101ms Script
application/javascript 185.19.40.106
RTAP100100-RIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/track/numberReplacement.json;jsessionid=?callback=json1&callbackFailure=json2&websiteId=721&windowLocation=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&noCache=0.20357701514888804
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.19.40.106 , United Kingdom, ASN61001 (RTAP100100-RIPE, GB),
Reverse DNS: 185-19-40-106.rdns.rtap.net
Software: Apache-Coyote/1.1 /
Resource Hash: 5fd6b70d8eb0f2347eedb27857e4f833eb94a52157b8f8c91469a2bb36bd8003

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:11:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache-Coyote/1.1
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=ISO-8859-1

GET
H2 200 259593317564516 Show response
connect.facebook.net/signals/config/ 233 KB
68 KB 88ms
87ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/259593317564516?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59a077a2c5d50f08b4bd2097ef46beb84c58ed5f1975efdd156e193b243fb1ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: se4IEwkZj2t6f4KqJ6gJ2HlL2NDzbJkkbsaA0tcW23JAcxLU7S+qc8sa5i9HAwSL2j3+a1bIiTWiU+BksTegsw==
x-fb-trip-id: 2052514463
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 02 Feb 2021 09:11:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 752557894
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-1566310-2&cid=1817887199.1612257064&jid=2142479751&gjid=1805602070&_gid=676328202.1612257064&_u=YEBAAEACQAAAAC~&z=1081035944

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 02 Feb 2021 09:11:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.nuffieldhealth.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1566310-2&cid=1817887199.1612257064&jid=2142479751&_u=YEBAAEACQAAAAC~&z=972273444

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 37ms
17ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1566310-2&cid=1817887199.1612257064&jid=2142479751&_u=YEBAAEACQAAAAC~&z=972273444

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:11:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=528992695&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&ul=en-us&de=UTF-8&dt=My%20Benefits%20%7C%20Nuffield%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Google%20Optimize&ea=kY4mh4ffSUq5UC4jGi0uuA&_u=aHDAAEADQAAAAC~&jid=&gjid=&cid=1817887199.1612257064&uid=&tid=UA-1566310-2&_gid=676328202.1612257064&gtm=2wg1k0T63L6W&cd4=NO&cd5=&cd7=&cd8=273&z=468590945

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 19:54:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47800
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.76ada2ece072461377ab.js Show response
script.hotjar.com/ 223 KB
59 KB 131ms
58ms Script
application/javascript 13.224.194.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.76ada2ece072461377ab.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-486819.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.194.56 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-56.fra2.r.cloudfront.net

Software

Resource Hash

0691b33d62e112cce87b247d087564d44eee9c48f139b9ba0038b6b1127bf5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 08:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 348386
x-cache: Hit from cloudfront
content-length: 59805
access-control-allow-origin: *
last-modified: Fri, 29 Jan 2021 08:22:55 GMT
etag: "40539391acbe5441f33312b664e43d52"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 2gYh2r8_g4DkjSTX4NnEruP8ERVLHP5r8nbW2eBRzt3zKBT_7JfM2A==

GET
H2 200 639054786598725 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/639054786598725?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

490f16ea1214a2b75f70b9e19bc55ebb436d6cc03964d275b901696c3f4475e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: +ebUAnuTFrdUbpbWljhSBUMfLMcu4Dxw6yBqflTvWDx4AycN+vvxeOXviYZ5/xKXHV2iFlHsPWL/E+6PdGTsQQ==
x-fb-trip-id: 2052514463
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 02 Feb 2021 09:11:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1028100747
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 18ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=259593317564516&ev=PageView&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&rl=&if=false&ts=1612257064544&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1612257064426&coo=false&rqm=GET

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Feb 2021 09:11:04 GMT

GET
H/1.1 200
OK config.aspx Show response
ws.sessioncam.com/Record/ 38 B
433 B 445ms
108ms XHR
text/javascript 52.200.46.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&jsver=583&originalUrl=https://www.nuffieldhealth.com&sse=1612257064553&inTg=a&acr=0
Requested by: Host: d2oh4tlt9mrke9.cloudfront.net
URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.46.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-46-211.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: ad7a2706c8c64f0efc59f8a6155f2c554c47e75d3a7ec9490d23af12f542d286

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 02 Feb 2021 09:11:04 GMT
Server: Kestrel
Content-Type: text/javascript
Access-Control-Allow-Origin: https://www.nuffieldhealth.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 38
Expires: -1

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame B724 0
0 106ms
34ms Document
text/html 13.224.194.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-486819.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.194.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-78.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nuffieldhealth.com/mybenefits
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.nuffieldhealth.com/mybenefits

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OjvVrBJkiKVgRAGFGJoZPN_yc3Epn7Ki3f7a9F4tXhto4dla-N79QA==
age: 6106201

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=639054786598725&ev=PageView&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&rl=&if=false&ts=1612257064617&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612257064615.479216058&it=1612257064426&coo=false&rqm=GET

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Feb 2021 09:11:04 GMT

GET
H/1.1

200
OK

dcm
bppmdmxgsg.execute-api.eu-west-1.amazonaws.com/prod/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=responsetap_dmp&cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_cm
https://bppmdmxgsg.execute-api.eu-west-1.amazonaws.com/prod/dcm?cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_gid=CAESEO45oMY6th2ZkQALAPGMOus&google_cver=1

43 B
524 B

256ms
181ms

Image
image/gif

143.204.93.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bppmdmxgsg.execute-api.eu-west-1.amazonaws.com/prod/dcm?cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_gid=CAESEO45oMY6th2ZkQALAPGMOus&google_cver=1
Requested by: Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.43 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-43.fra50.r.cloudfront.net
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:11:05 GMT
Via: 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
x-amzn-RequestId: a91be5a3-0381-4c77-9bea-f5c6c21e7b74
X-Cache: Miss from cloudfront
Content-Type: image/gif
X-Amzn-Trace-Id: Root=1-60191728-187a5cf42edc00ae0b95efac;Sampled=0
Connection: keep-alive
x-amz-apigw-id: aHCOaELajoEF2wQ=
Content-Length: 43
X-Amz-Cf-Id: NxOoza1noX0fGhlBxIubzbaPOFqxCcaiWtZYtsHvjwJpXwjBd6E2Ww==

Redirect headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:11:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bppmdmxgsg.execute-api.eu-west-1.amazonaws.com/prod/dcm?cvs=1&adivi=803575926&adis=C6A6C7241C9C094A90E06356A95A0948.numrep14&google_gid=CAESEO45oMY6th2ZkQALAPGMOus&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cookieData;jsessionid=C6A6C7241C9C094A90E06356A95A0948.numrep14 Show response
metrics.responsetap.com/track/ 0
378 B 47ms
47ms Script
application/javascript 185.19.40.106
RTAP100100-RIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/track/cookieData;jsessionid=C6A6C7241C9C094A90E06356A95A0948.numrep14?callbackFailure=json3&adInsightVisitId=803575926&cookieData=_ga:GA1.2.1817887199.1612257064&noCache=0.6468162609730008
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.19.40.106 , United Kingdom, ASN61001 (RTAP100100-RIPE, GB),
Reverse DNS: 185-19-40-106.rdns.rtap.net
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:11:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache-Coyote/1.1
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=ISO-8859-1

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=259593317564516&ev=Microdata&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&rl=&if=false&ts=1612257065046&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Benefits%20%7C%20Nuffield%20Health%22%2C%22meta%3Adescription%22%3A%22See%20the%20amazing%20benefits%20of%20being%20an%20employee%20at%20Nuffield%20Health.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%22%2C%22og%3Aimage%22%3A%22%2Fopen-graph.png%22%2C%22og%3Alocale%22%3A%22en_GB%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22Home%22%2C%22item%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2F%22%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22name%22%3A%22My%20benefits%22%2C%22item%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1612257064426&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Feb 2021 09:11:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=639054786598725&ev=Microdata&dl=https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&rl=&if=false&ts=1612257065118&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22My%20Benefits%20%7C%20Nuffield%20Health%22%2C%22meta%3Adescription%22%3A%22See%20the%20amazing%20benefits%20of%20being%20an%20employee%20at%20Nuffield%20Health.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%22%2C%22og%3Aimage%22%3A%22%2Fopen-graph.png%22%2C%22og%3Alocale%22%3A%22en_GB%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22name%22%3A%22Home%22%2C%22item%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2F%22%7D%2C%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A2%2C%22name%22%3A%22My%20benefits%22%2C%22item%22%3A%22https%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612257064615.479216058&it=1612257064426&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.nuffieldhealth.com
URL: https://www.nuffieldhealth.com/mybenefits

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 09:11:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 02 Feb 2021 09:11:05 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 75 KB
28 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-nuffieldhealthltd1&hl=en&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 06:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 529617
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28123
x-xss-protection: 0
expires: Thu, 27 Jan 2022 06:04:11 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/42/9/ 147 KB
54 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/42/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=gme-nuffieldhealthltd1&hl=en&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 18:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Oct 2020 04:29:25 GMT
server: sffe
age: 483121
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55295
x-xss-protection: 0
expires: Thu, 27 Jan 2022 18:59:07 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
406 B 42ms
29ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.nuffieldhealth.com%2Fmybenefits&2sgme-nuffieldhealthltd1&callback=_xdc_._6aosji&client=gme-nuffieldhealthltd1&token=120456

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/9/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4efa33d4dd98666b990a792e7d14b6a0335d9fef9da620e43de994dce9ab7fee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Feb 2021 09:11:09 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK update;jsessionid=C6A6C7241C9C094A90E06356A95A0948.numrep14 Show response
metrics.responsetap.com/track/ 52 B
431 B 45ms
44ms Script
application/javascript 185.19.40.106
RTAP100100-RIPE

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.responsetap.com/track/update;jsessionid=C6A6C7241C9C094A90E06356A95A0948.numrep14?callback=json4&callbackFailure=json5&noCache=0.4265670424369521
Requested by: Host: static-ssl.responsetap.com
URL: https://static-ssl.responsetap.com/static/scripts/rTapTrack.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.19.40.106 , United Kingdom, ASN61001 (RTAP100100-RIPE, GB),
Reverse DNS: 185-19-40-106.rdns.rtap.net
Software: Apache-Coyote/1.1 /
Resource Hash: 42d53ff947bd8422c932879bfe7920902db86bb9c6ff6aeae573a2a74850fc42

Request headers

Referer: https://www.nuffieldhealth.com/mybenefits
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Feb 2021 09:11:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Apache-Coyote/1.1
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nuffieldhealth.com/	1970-01-19 15:50:58	Name: _hjAbsoluteSessionInProgress Value: 0
.nuffieldhealth.com/	1970-01-19 15:50:58	Name: adiLP Value: 1612257064689
www.nuffieldhealth.com/	1969-12-31 23:59:59	Name: sc.ASP.NET_SESSIONID Value: j30kmxqw50wcjbatvhjj40pv
.nuffieldhealth.com/	1970-01-19 15:50:58	Name: adiS Value: C6A6C7241C9C094A90E06356A95A0948.numrep14
.nuffieldhealth.com/	1970-01-19 15:50:57	Name: _gat_UA-1566310-2 Value: 1
.nuffieldhealth.com/	1970-01-19 15:50:58	Name: adiVi Value: 803575926
.nuffieldhealth.com/	1970-01-20 00:36:33	Name: adiV Value: 524290216
.nuffieldhealth.com/	1970-01-19 15:50:58	Name: _hjFirstSeen Value: 1
.nuffieldhealth.com/	1970-01-20 09:22:09	Name: _ga Value: GA1.2.1817887199.1612257064
.nuffieldhealth.com/	1970-01-19 18:00:33	Name: _fbp Value: fb.1.1612257064615.479216058
.nuffieldhealth.com/	1970-01-20 00:36:33	Name: _hjid Value: 2f6bbe87-018d-4e29-b78b-9af08c4da7b0
.doubleclick.net/	1970-01-20 01:12:33	Name: IDE Value: AHWqTUm9vx1YwpdmizHnHPbafdaINNVk81xBxnro-VUzVPjkAI9H3qWJSwDS1yL5
.nuffieldhealth.com/	1970-01-19 15:52:23	Name: _gid Value: GA1.2.676328202.1612257064
.nuffieldhealth.com/	1970-01-19 18:00:33	Name: _gcl_au Value: 1.1.97583004.1612257064
.nuffieldhealth.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.nuffieldhealth.com/	1970-01-19 16:34:09	Name: __cfduid Value: dd1f04bcc38a921b37029839c0a7f54b91612257063

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8128413.fls.doubleclick.net
bppmdmxgsg.execute-api.eu-west-1.amazonaws.com
cm.g.doubleclick.net
connect.facebook.net
d2oh4tlt9mrke9.cloudfront.net
maps.googleapis.com
metrics.responsetap.com
pixel.mediaiqdigital.com
script.hotjar.com
secure.adnxs.com
static-ssl.responsetap.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
ws.sessioncam.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nuffieldhealth.com
104.20.51.156
13.224.194.56
13.224.194.78
13.225.78.14
142.250.185.166
143.204.93.43
172.217.16.194
18.185.81.62
185.19.40.106
185.33.221.13
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:817::200a
2a00:1450:4001:824::2008
2a00:1450:400c:c00::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.200.46.211
65.9.67.230
65.9.7.122
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0691b33d62e112cce87b247d087564d44eee9c48f139b9ba0038b6b1127bf5b0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2ec5f5884ac67f0761f78f6ca2ace7d9786ed9d00683d39a78ada1e9b8fdf360
3704175589f591c59407a71c43759e778da43c5774a455b52a89fdcae8d59176
3786bba9ea5ecb1ea90491a8b9349659d38928c9ca7ed119f9254171048bff87
42d53ff947bd8422c932879bfe7920902db86bb9c6ff6aeae573a2a74850fc42
490f16ea1214a2b75f70b9e19bc55ebb436d6cc03964d275b901696c3f4475e3
4db9e8d72c2e1ac2a0545f1cb8d07291a7877d1a8b8cedaed35a975e38e74ab3
4efa33d4dd98666b990a792e7d14b6a0335d9fef9da620e43de994dce9ab7fee
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5550142c6d37271423db429bc866b8a95a70dcf12ad214d0a0983ea0647f649c
59a077a2c5d50f08b4bd2097ef46beb84c58ed5f1975efdd156e193b243fb1ab
5fd6b70d8eb0f2347eedb27857e4f833eb94a52157b8f8c91469a2bb36bd8003
6a4cf25f3a408e0ad72c55a4d01d10fa2f0e2f7d482f67c60b17c5f1f55643f7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f09ed254e5686a28391406c6ba905d3ca4981f0ac0bc2760d90dbe2b7967bf
8912206ec4aa33b8dbab97d4ccf67ca522fc4b44dc93a5a7d1945aad24d9c91b
8d4c8cee5e036f072bdd40d188da72abda9099da2a5969368fd65d0ee7346e6d
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9faf6058b1b1b1c1932d6251089b1ee2ae390f3170e061dac341d32b6e63e909
a055efd26b265ee9a6da5872202053b6cfb140df3e794130f5c546b1e3612d33
a6f4d404865d30f5860c0ff6e39f0afb1f2a6465fb01b95cf34aaf225d768e61
ad7a2706c8c64f0efc59f8a6155f2c554c47e75d3a7ec9490d23af12f542d286
b049e2fd696a14151794a1ea9a094eeb800b05e1f1d4883595a34826457639d7
bbe862fecc8d22f26c0071a1283d1ee6302d0ee20663afe46caabbe16d11d59e
cfe7239a32006642a8c33e59fbfe1cf53f0f05590673276e044b6aff8ad9c0bf
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ec54a0f34be4fbefed86a8557fae8638a3fcaae575af0c6dd9c6f0417579aa7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f70ddd13b76384ea79cb5493e566bf60face5f0dccf12e57b757a405e1aee5

www.nuffieldhealth.com Open in urlscan Pro 104.20.51.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

41 Requests

100 %HTTPS

38 %IPv6

16 Domains

21 Subdomains

19 IPs

6 Countries

989 kBTransfer

3305 kBSize

16 Cookies

7 Outgoing links

Redirected requests

41 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nuffieldhealth.com Open in urlscan Pro
104.20.51.156 Public Scan

Screenshot
Live screenshot

Full Image

41
Requests

100 %
HTTPS

38 %
IPv6

16
Domains

21
Subdomains

19
IPs

6
Countries

989 kB
Transfer

3305 kB
Size

16
Cookies

41 HTTP transactions
0 data transactions