urlscan.io logo urlscan.io
SecurityTrails logo

navihealth.com Open in urlscan Pro
34.138.172.98  Public Scan

Go To Rescan Add Verdict Report
URL: https://navihealth.com/welcome-to-nh-intake/
Submission Tags: falconsandbox
Submission: On March 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 2 countries across 12 domains to perform 47 HTTP transactions. The main IP is 34.138.172.98, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is navihealth.com. The Cisco Umbrella rank of the primary domain is 138350.
TLS certificate: Issued by R3 on March 9th 2023. Valid for: 3 months.
This is the only time navihealth.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 34.138.172.98 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
15 18.65.39.127 16509 (AMAZON-02)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 18.184.201.251 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 173.231.16.76 18450 (WEBNX)
1 18.210.254.78 14618 (AMAZON-AES)
47 14
21    34.138.172.98 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.172.138.34.bc.googleusercontent.com
navihealth.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    18.65.39.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-127.ams1.r.cloudfront.net
app.leadformly.com
1    2606:4700:e6::ac40:c518 (United States)

ASN13335 (CLOUDFLARENET, US)
siteimproveanalytics.com
1    18.184.201.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-201-251.eu-central-1.compute.amazonaws.com
6258689.global.siteimproveanalytics.io
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
1    173.231.16.76 (United States)

ASN18450 (WEBNX, US)
PTR: 173-231-16-76.static.webnx.com
api.ipify.org
1    18.210.254.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-254-78.compute-1.amazonaws.com
api.ipstack.com
Apex Domain
Subdomains		 Transfer
21 navihealth.com
navihealth.com — Cisco Umbrella Rank: 138350
284 KB
15 leadformly.com
app.leadformly.com
844 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
118 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
41 KB
1 ipstack.com
api.ipstack.com — Cisco Umbrella Rank: 16855
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2634
115 B
1 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 7532
10 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
3 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2388
244 B
1 siteimproveanalytics.io
6258689.global.siteimproveanalytics.io
477 B
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3182
10 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 784
6 KB
47 12
Domain Requested by
21 navihealth.com 1 redirects navihealth.com
15 app.leadformly.com navihealth.com
app.leadformly.com
2 www.googletagmanager.com navihealth.com
www.googletagmanager.com
2 cdn.jsdelivr.net navihealth.com
1 api.ipstack.com app.leadformly.com
1 api.ipify.org app.leadformly.com
1 cdn.ravenjs.com app.leadformly.com
1 fonts.googleapis.com app.leadformly.com
1 region1.google-analytics.com www.googletagmanager.com
1 6258689.global.siteimproveanalytics.io navihealth.com
1 siteimproveanalytics.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com navihealth.com
47 12

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
www.twitter.com
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
navihealth.com
R3		 2023-03-09 -
2023-06-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
app.leadformly.com
Amazon RSA 2048 M02		 2023-02-28 -
2024-01-30		 a year crt.sh
*.global.r1.siteimproveanalytics.io
Amazon RSA 2048 M01		 2023-02-10 -
2023-10-08		 8 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-02 -
2023-05-25		 3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2023-02-07 -
2024-02-18		 a year crt.sh
apilayer.net
Amazon RSA 2048 M02		 2023-02-22 -
2023-11-08		 9 months crt.sh

This page contains 2 frames:

Primary Page: https://navihealth.com/welcome-to-nh-intake/
Frame ID: 368473C06804C898317DAF8019CD8F18
Requests: 29 HTTP requests in this frame

Frame: https://app.leadformly.com/get_last_form_url/49596
Frame ID: 2851A961E143BF13A05A526AEDD2F15D
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to nH Intake - naviHealth

Page URL History Show full URLs

  1. https://navihealth.com/welcome-to-nh-intake HTTP 301
    https://navihealth.com/welcome-to-nh-intake/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

12
Subdomains

14
IPs

2
Countries

1315 kB
Transfer

2253 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://navihealth.com/welcome-to-nh-intake HTTP 301
    https://navihealth.com/welcome-to-nh-intake/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
navihealth.com/welcome-to-nh-intake/
Redirect Chain
  • https://navihealth.com/welcome-to-nh-intake
  • https://navihealth.com/welcome-to-nh-intake/
141 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
de17b776265dd41760c50e355313ae3a95988e0ba1a429a6d50135091ab86864

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:13:01 GMT
link
<https://navihealth.com/wp-json/>; rel="https://api.w.org/" <https://navihealth.com/wp-json/wp/v2/pages/9611>; rel="alternate"; type="application/json" <https://navihealth.com/?p=9611>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 15
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

cache-control
max-age=600, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:13:01 GMT
expires
Fri, 17 Mar 2023 18:10:29 GMT
location
https://navihealth.com/welcome-to-nh-intake/
server
nginx
x-cache
HIT: 13
x-cache-group
normal
x-cacheable
non200
x-powered-by
WP Engine
x-redirect-by
WordPress
style.css
navihealth.com/wp-content/themes/pyxl-scry/ 		217 B
357 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/themes/pyxl-scry/style.css
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6e7a8be3c33936cb4a87b41905f611e2e08e8d14a6a8f9c0bf4ed699ebf4b813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:48 GMT
server
nginx
etag
W/"629b4c04-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
navihealth.com/wp-content/plugins/gutenberg/build/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/gutenberg/build/block-library/style.css?ver=15.1.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9a81d69a4ad0e2b940210a2bd44086c1be6b2c0737ca0977230ec5dec4f323aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Thu, 16 Feb 2023 00:29:01 GMT
server
nginx
etag
W/"63ed78cd-17bc7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme.css
navihealth.com/wp-content/plugins/gutenberg/build/block-library/ 		3 KB
919 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/gutenberg/build/block-library/theme.css?ver=15.1.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Thu, 16 Feb 2023 00:29:01 GMT
server
nginx
etag
W/"63ed78cd-a2e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
classic-themes.min.css
navihealth.com/wp-includes/css/ 		217 B
366 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Tue, 25 Oct 2022 13:45:16 GMT
server
nginx
etag
W/"6357e86c-d9"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ctf-styles.min.css
navihealth.com/wp-content/plugins/custom-twitter-feeds/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/custom-twitter-feeds/css/ctf-styles.min.css?ver=2.0.5
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
648ae54592c6cb94119d6cbd10c4bfc763732d0e06c2a3d8656961fc2020b3cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Tue, 07 Feb 2023 17:52:48 GMT
server
nginx
etag
W/"63e28ff0-4325"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
styles.css
navihealth.com/wp-content/themes/pyxl-scry//storybook/build/ 		129 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/themes/pyxl-scry//storybook/build/styles.css?ver=1.0.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d82a7d3f1341676f5fe064d9603d0cfc1579e4e3788c3709ed6bcbdc3000b5d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:45 GMT
server
nginx
etag
W/"629b4c01-20506"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=4.3.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
845
age
3844541
cdn-cachedat
01/20/2022 08:58:56
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
24ef166ef9c23fd5eb8883c61eda881b
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7a96dd384ca83606-FRA
cdn-requestpullsuccess
True
frontend.css
navihealth.com/wp-content/plugins/dk-pdf/assets/css/ 		315 B
403 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/dk-pdf/assets/css/frontend.css?ver=1.9.6
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0bf507ba3142aa3a2f4bf435023785c182903f6e343b8dc099867245454c577c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:08 GMT
server
nginx
etag
W/"629b4bdc-13b"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
navihealth.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Mon, 19 Sep 2022 14:16:24 GMT
server
nginx
etag
W/"632879b8-15e54"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
navihealth.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
alpine.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/alpine.min.js?ver%5B0%5D=1.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f11b72978f3f04621c2e130d92527099190788f5e08f4a5ef05c72a95fcfa707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2018345
x-jsd-version
2.7.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230037-FRA, cache-yyz4537-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"67a0-QHSi3e0DiRvXFXlgnmOPpqWDbjo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DisUDGKNTvSsUvqstbiDSqotkHOFhEJsyj0S3mZiZbGfmqqh2GlwKrTi7tpmKJk5aYCXhWcGrZNTBHCz2CKFlynkW3bvQ3Z4k8sfgAaZKFV2bxJM35p4fjguMB4SoUkHdioska32%2FlmQMHHFhgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a96dd382c5039d6-FRA
alpine-ie11.min.js
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.7.3/dist/alpine-ie11.min.js?ver%5B0%5D=1.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3e40447e278681c7e36d2f937a4da92599cd628a9d26d82ce30a1d9c48f15e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
50711
x-jsd-version
2.7.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230125-FRA, cache-yyz4523-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"17522-GHVLiHXviUmatQ4pKFwLupldQMs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeTszjpzFdhdf8Ti8p%2BwzrL0xHRvQ1LpdtEDM7YY8tYsV%2FXasyKgh0CGczuYPl%2FRSK7iL%2BCqConY6egP374%2BbbuG%2FH%2Fx94YWsM2qz45fMgIfF3mDRo5o9K6MoPbON%2Ft%2FQER2iUTRmU1BQg8XRXw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7a96dd382c5639d6-FRA
frontend.js
navihealth.com/wp-content/plugins/dk-pdf/assets/js/ 		42 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/dk-pdf/assets/js/frontend.js?ver=1.9.6
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e16355e8227ed0b9a11065116c43b6ee9b9ec0fa9431086d77fb122510f0531b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:08 GMT
server
nginx
etag
W/"629b4bdc-2a"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
page-scroll-to-id.min.js
navihealth.com/wp-content/plugins/page-scroll-to-id/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.7
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Mon, 09 Jan 2023 23:11:10 GMT
server
nginx
etag
W/"63bc9f0e-6591"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
migrate.js
navihealth.com/wp-content/plugins/wp-autosearch/assert/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/wp-autosearch/assert/js/migrate.js?ver=6.1.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:37 GMT
server
nginx
etag
W/"629b4bf9-1c20"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
autocomplete.js
navihealth.com/wp-content/plugins/wp-autosearch/assert/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/wp-autosearch/assert/js/autocomplete.js?ver=6.1.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d220966f271a6cf06c276bb83bc96dca8779c8c620f60ccf3238221130f41825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:37 GMT
server
nginx
etag
W/"629b4bf9-5649"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ajax-script.js
navihealth.com/wp-content/plugins/wp-autosearch/assert/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/wp-autosearch/assert/js/ajax-script.js?ver=6.1.1
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d1e6030847536d6107689f6e801d895b2269a2f6e58aa9e0c770453906422dac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:37 GMT
server
nginx
etag
W/"629b4bf9-8a2"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
smush-lazy-load.min.js
navihealth.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.8.3
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a4f367d720fec23438ef17e4a32c05129ed2e6dd5163167c9dd0787ea1f62de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Thu, 19 Aug 2021 15:01:30 GMT
server
nginx
etag
W/"611e724a-1ee0"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
app.js
navihealth.com/wp-content/themes/pyxl-scry/storybook/build/ 		174 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/themes/pyxl-scry/storybook/build/app.js?ver=1.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a85818f26608ddfece0843b427665fc83bdcde3586bbfd36cfe171bf278b3994

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Fri, 08 Jul 2022 00:53:03 GMT
server
nginx
etag
W/"62c77fef-2b76c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
bundled.js
navihealth.com/wp-content/themes/pyxl-scry/storybook/build/ 		67 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/themes/pyxl-scry/storybook/build/bundled.js?ver=1.0.0
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
85155e001351db758de5c48ea02cc7073f8068f2eede614061801db96b1fca60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
last-modified
Sat, 04 Jun 2022 12:11:45 GMT
server
nginx
etag
W/"629b4c01-10c10"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gtm.js
www.googletagmanager.com/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K29QKH8
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
496782ab3334350650199579a9d11294daae0fc54cf39a37017e8d5c8d4d2dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42025
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 16:09:31 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Mar 2023 17:13:01 GMT
truncated
/ Frame 2851 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
image/gif
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/gif
centurygothic-bold.woff
navihealth.com/wp-content/themes/pyxl-scry//storybook/build/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://navihealth.com/wp-content/themes/pyxl-scry//storybook/build/fonts/centurygothic-bold.woff
Requested by
Host: navihealth.com
URL: https://navihealth.com/wp-content/themes/pyxl-scry//storybook/build/styles.css?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd4bb690ee52ddd0c0bd61248dbaf477ddb6f7fc4ffd90ca5227354ede71f01d

Request headers

Referer
https://navihealth.com/wp-content/themes/pyxl-scry//storybook/build/styles.css?ver=1.0.0
Origin
https://navihealth.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
last-modified
Sat, 04 Jun 2022 12:11:45 GMT
server
nginx
etag
"629b4c01-5850"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
22608
49596
app.leadformly.com/get_last_form_url/ Frame 2851 		45 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/get_last_form_url/49596
Requested by
Host: navihealth.com
URL: https://navihealth.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d / PHP/5.6.40
Resource Hash
dacf0029703226b5a2f6313774c7cf3ed6c48ac77bab1ed3ad160ff05f8b5d3e

Request headers

Referer
https://navihealth.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Fri, 17 Mar 2023 17:13:03 GMT
server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
x-amz-cf-id
HrYXv0saOyRP7p3bWmWRc53VpF0UnSJ_BYxDkfxB53snATUf5ox_Xw==
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
x-powered-by
PHP/5.6.40
nh-logo-blue-background.png
navihealth.com/wp-content/uploads/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://navihealth.com/wp-content/uploads/nh-logo-blue-background.png
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.138.172.98 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.172.138.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd761f6ff15e12c71969ee25d35e19d76d8702a55357371b41aea997f9d62489

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/welcome-to-nh-intake/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
last-modified
Thu, 19 Aug 2021 15:01:27 GMT
server
nginx
etag
"611e7247-8e75"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
36469
siteanalyze_6258689.js
siteimproveanalytics.com/js/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteimproveanalytics.com/js/siteanalyze_6258689.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29QKH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858813e647cc7e009a972c3ce6990a4bf6f1fdc2922d5621b7176cca9e076e46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
E4SHC82H3G9ETA05
age
150
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9121
x-amz-id-2
f70vPGKmKF1NITuCiJagQA27LgDtjHKjWvwJuhwNbAQ+BzegN429FVjIYPxD4ZM0PGlCndJ1aPg=
last-modified
Thu, 05 Jan 2023 17:28:00 GMT
server
cloudflare
etag
"6813445191cbe3ec1af25a46dfc87ccd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCqZ9X7%2Bo6ePtt1X8sh89Yk4FiPxLrfx6FKsQE7o2e9QQNCmSkNGQbJju0KVBGOLuC2HWLuEL7CDtD7Wr8d8ejktdVzUwi4blOi37QXbEGT01PJBv6mScE5h%2BNu%2F6O7LRlNliCWx45KHsy9Zifvfqp%2FBMYjBlCA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
7a96dd3b5f189b4b-FRA
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKPWRQ2K9P&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K29QKH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9cbb4c7b8f0053f3d2212586c6b6211fe79b630a0ceb426767ea83995b16882
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78058
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Mar 2023 17:13:01 GMT
image.aspx
6258689.global.siteimproveanalytics.io/ 		34 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://6258689.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fnavihealth.com%2Fwelcome-to-nh-intake%2F&title=Welcome%20to%20nH%20Intake%20-%20naviHealth&res=1600x1200&accountid=6258689&rt=1422&prev=9b0ab770-2215-98df-50c6-c0f145b2b5c5&luid=a6045ce0-54c4-4d3a-5157-6531d5a41d50&rnd=66017
Requested by
Host: navihealth.com
URL: https://navihealth.com/welcome-to-nh-intake/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.201.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-201-251.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 17 Mar 2023 17:13:02 GMT
cache-control
max-age=0
content-length
34
expires
Fri, 17 Mar 2023 17:13:02 UTC
collect
region1.google-analytics.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKPWRQ2K9P&gtm=45je33f0&_p=241420628&cid=572832432.1679073182&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679073182&sct=1&seg=0&dl=https%3A%2F%2Fnavihealth.com%2Fwelcome-to-nh-intake%2F&dt=Welcome%20to%20nH%20Intake%20-%20naviHealth&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKPWRQ2K9P&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navihealth.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Mar 2023 17:13:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://navihealth.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lf-custom-css.css
app.leadformly.com/assets/css/ Frame 2851 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/css/lf-custom-css.css
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c8b0b0b4a2bbe021584d1ddc6a1646747344d0e215db78645c5f5cd94aa9fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 07:57:58 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 21 Apr 2020 13:15:49 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587474935/ctime:1587474935/gid:0/gname:root/md5:2a09222ab59516b04d09d597a3353632/mode:33279/mtime:1587474732/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
4958106
etag
"2a09222ab59516b04d09d597a3353632"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
59121
x-amz-cf-id
I2S-3LtjLNtu6Bt2nLIAX3sVZTUnn6xIofQdmTkKB-mS4KN5sMIOjg==
intlTelInput.css
app.leadformly.com/assets/build/css/ Frame 2851 		18 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/build/css/intlTelInput.css
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf1a940dc87a76df5c69ddd4afeb240f4b470bb569425e4eb783f8cfe0b2b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:03:10 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:33:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:27e275e458f36d552455bebccd244351/mode:33279/mtime:1585656379/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
4273794
etag
"27e275e458f36d552455bebccd244351"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
18796
x-amz-cf-id
MTMc8VfQ-7slSs33-lGjCKJmfDf4w4fzJvlInnjgrtldJh6em_9FdQ==
lf-formbuilder.css
app.leadformly.com/assets/css/frontend/ Frame 2851 		70 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/css/frontend/lf-formbuilder.css
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21fdfd4795139979810a9e4b682209e3ac0f11f9b1de295fe59da0eae2f1ec3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 06:40:21 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Thu, 16 Apr 2020 08:56:12 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1587027345/ctime:1587027345/gid:0/gname:root/md5:ae52bd85d1c9443e3c8199ef85840294/mode:33206/mtime:1587027190/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
14985163
etag
"ae52bd85d1c9443e3c8199ef85840294"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
71297
x-amz-cf-id
V799m_OKclp6vpKN8Gl7NuIwinxqXK42APnC3bZhUZUEw5Ts3HYNOw==
bootstrap-slider.css
app.leadformly.com/assets/css/ Frame 2851 		10 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/css/bootstrap-slider.css
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ced28bc0afd68e1c2ec564af6c3490d348529de3fa9b222e1c3e0452545ff1f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 00:48:44 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:33:10 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:639a9de5ace329e67c5bd27e4e907850/mode:33279/mtime:1585656338/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
4724660
etag
"639a9de5ace329e67c5bd27e4e907850"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
10264
x-amz-cf-id
bd7Ap8EoSEg2X10BQYLYpbNwbsxKrGwQfBFOW-BfKdZ-Gp2iavQv0w==
font-awesome.min.css
app.leadformly.com/assets/css/ Frame 2851 		30 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/css/font-awesome.min.css
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a6c4441297ae7092e7c40ae145261cea8359ce55458f2a8787382f50e61fd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 03:22:27 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:33:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:5284895a78fa5226cf04016702864eb1/mode:33279/mtime:1585656375/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
16465836
etag
"5284895a78fa5226cf04016702864eb1"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
30939
x-amz-cf-id
jU5dTTVkH5b9qcxl3mAxTdM-M3ElKb78aY2eza3FTG4wSxKCus4JfA==
iframe-embed.js
app.leadformly.com/assets/js/embed/ Frame 2851 		275 KB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/js/embed/iframe-embed.js
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e0a34ca1f22881df09e8884f4a6a696aba30aeb5b50d69f2c65fb6c83ac2719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:52:01 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 01 Dec 2020 14:02:40 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1606831348/ctime:1606831348/gid:0/gname:root/md5:b14e2ca4c564569cc5488ea8db9ada8c/mode:33279/mtime:1606831181/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
4526463
etag
"b14e2ca4c564569cc5488ea8db9ada8c"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
281586
x-amz-cf-id
IqZfvdwceowBQFDT4janvh295BouabbayQrB7-55pY2MJiDLHgpV6A==
customized_image_1497434042grncheck.png
app.leadformly.com/customizedimages/optimized/ Frame 2851 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.leadformly.com/customizedimages/optimized/customized_image_1497434042grncheck.png
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
114372758124ae3827e66b507700a4ce7e3bc7b467fa4978818da51fafd68cbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 05:02:30 GMT
x-amz-version-id
6VkeFRYOSiNfa340jl58mTYgtaLfavPR
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Fri, 03 Apr 2020 08:28:37 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
4795834
etag
"9713a106088c687335b9072d87c7a055"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=94608000
accept-ranges
bytes
content-length
11719
x-amz-cf-id
qq5FsihBfU3yZ6N2v2GEWACtYSfXVXCC8kqEG7n1re0z_-ADtqeGRA==
expires
Thu, 14 Sep 2017 09:54:03 GMT
ring.svg
app.leadformly.com/assets/img/ Frame 2851 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.leadformly.com/assets/img/ring.svg
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b98d70b0873f3bade5ce88b3ffcc579e7d60ebfa91aa1926c4ebc4166fd84e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sun, 02 Oct 2022 03:50:28 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:34:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:bfce65630dcef9a21a5fba06f93925ff/mode:33279/mtime:1585656299/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
14390555
etag
"bfce65630dcef9a21a5fba06f93925ff"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
2274
x-amz-cf-id
IOlWPxFUl_7uMrNVrfG60vi6PyyWIBfLI3bYJfmS-kRZIfICAKaMxQ==
css
fonts.googleapis.com/ Frame 2851 		54 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,500,700|Open+Sans:300,500,700|Lato|Oswald:300,500,700|Source+Sans+Pro:300,500,700|Montserrat:300,500,700|Raleway:300,500,700|Slabo+27px:300,500,700|Roboto+Slab:300,500,700|PT+Sans:300,500,700|Merriweather:300,500,700|Lora:300,500,700|Droid+Sans:300,500,700|Ubuntu:300,500,700|Playfair+Display:300,500,700
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/css/frontend/lf-formbuilder.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9eb6905dc6fb05fc4496f7d1c29191f0abc1a5b8561fabe49d583c5254825c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Mar 2023 17:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Mar 2023 17:13:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Mar 2023 17:13:03 GMT
lfvh.min.js
app.leadformly.com/assets/js/ Frame 2851 		145 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/js/lfvh.min.js
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/embed/iframe-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32231e8fed76bff1fe9435e155835eee00bafdaba650436223c1aec6e5c7b50f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:06:59 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:36:02 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:397fb04975ce491acd26a67853997188/mode:33279/mtime:1585656387/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
17251565
etag
"397fb04975ce491acd26a67853997188"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
148068
x-amz-cf-id
c17siLPbF7BUO1ZB_znT_dGca50AIYpNEwjT8rN2RylkLrKOHJ6WFg==
grey-chevron.png
app.leadformly.com/assets/img/ Frame 2851 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.leadformly.com/assets/img/grey-chevron.png
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/css/frontend/lf-formbuilder.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
462df0676d3fcb43fe72f87681ccc0567c32d17d83f5bff79eea04a33fa465ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/assets/css/frontend/lf-formbuilder.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 18 Mar 2022 10:25:09 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:34:16 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:da41b0a8d0a9cea8a91c3caf99e88f82/mode:33279/mtime:1585656299/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
31474075
etag
"da41b0a8d0a9cea8a91c3caf99e88f82"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
18579
x-amz-cf-id
DCDo0jH1H9OB7bAQgwd2jV1xiQ8yY9ggKvBcVhJUG037MzTcsJC10Q==
lf-bootstrap.min.js
app.leadformly.com/assets/js/embed/v4.0/ Frame 2851 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/js/embed/v4.0/lf-bootstrap.min.js
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/embed/iframe-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87275bdfe7c31c968a5c5295ff8fc4db3ebec1ee0f6268631421c2032ac1449b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 09 Sep 2022 07:03:52 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:35:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:147a2f7780ba7234d2ed553ed981f3d4/mode:33279/mtime:1585656401/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
16366152
etag
"147a2f7780ba7234d2ed553ed981f3d4"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
36822
x-amz-cf-id
MX2M1YbUv0-nhTUhMTchgOwz3caeGetBPRcOPPOb4cdwj-KJvdXcTA==
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 2851 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/embed/iframe-embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

Referer
https://app.leadformly.com/
Origin
https://app.leadformly.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:03 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
38954
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
/
api.ipify.org/ Frame 2851 		24 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.ipify.org/?format=json
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/lfvh.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.231.16.76 , United States, ASN18450 (WEBNX, US),
Reverse DNS
173-231-16-76.static.webnx.com
Software
/
Resource Hash
a701b89959e07be1f0135b032bbcadc50809625ae325249a5f71647d15b96a79

Request headers

Accept
*/*
Referer
https://app.leadformly.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
https://app.leadformly.com
date
Fri, 17 Mar 2023 17:13:04 GMT
content-length
24
vary
Origin
content-type
application/json
lf-embed-intlTelInput.min.js
app.leadformly.com/assets/js/embed/v4.0/ Frame 2851 		53 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.leadformly.com/assets/js/embed/v4.0/lf-embed-intlTelInput.min.js
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/embed/iframe-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1dcb3db74dec092112f8c5100123246c3a90cefeb63b01a84246bb55df80ac0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Sat, 03 Sep 2022 02:33:07 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:35:17 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:e7193d3455c704961fa63fb105545a5a/mode:33206/mtime:1585656409/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
16900796
etag
"e7193d3455c704961fa63fb105545a5a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
53768
x-amz-cf-id
eF_cSdHYKP63p49llgr7fPx-arp-d-gPBQZDlGvKrMa7h45mZHvVVw==
check
api.ipstack.com/ Frame 2851 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipstack.com/check?access_key=6f809c83a15c7156127293553ce5bebd&callback=lfvh_jQuery1120046773309246941275_1679073183471&_=1679073183472
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/js/lfvh.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.254.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-254-78.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
flags.png
app.leadformly.com/assets/build/img/ Frame 2851 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.leadformly.com/assets/build/img/flags.png
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/assets/build/css/intlTelInput.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5dc46ee2193301edc4346992384f653711daf516db660ebd24e3b0423539e121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/assets/build/css/intlTelInput.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 10:00:47 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 13:33:03 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1585661572/ctime:1585661572/gid:0/gname:root/md5:9c96e0ed7093c095fd33870329282962/mode:33279/mtime:1585656409/uid:0/uname:root
x-amz-cf-pop
AMS1-P1
age
7629137
etag
"9c96e0ed7093c095fd33870329282962"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
66019
x-amz-cf-id
wj9Gl0pULex5qYMRYG3gaQtpzzvOAi0uEOqZy0rW5SGoJ80s2PB9Gg==
report-new-visit
app.leadformly.com/ Frame 2851 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.leadformly.com/report-new-visit?form_id=49596
Requested by
Host: app.leadformly.com
URL: https://app.leadformly.com/get_last_form_url/49596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.39.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-127.ams1.r.cloudfront.net
Software
Apache/2.4.41 (Unix) OpenSSL/1.1.1d / PHP/5.6.40
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.leadformly.com/get_last_form_url/49596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 17 Mar 2023 17:13:04 GMT
via
1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
server
Apache/2.4.41 (Unix) OpenSSL/1.1.1d
x-amz-cf-pop
AMS1-P1
x-powered-by
PHP/5.6.40
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
cache-control
no-cache
x-amz-cf-id
ON-xNWDI4bm5DGCLU7De19QggVLX9BNVGqRPn4BCMrKaIdMrlm0yWQ==

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless undefined| $ function| jQuery object| Alpine object| regeneratorRuntime object| dataLayer object| ifr undefined| get undefined| src function| iframePosition function| onTestScroll function| getCoords function| isOnScreen function| handleIFrameMessage object| mPS2id_params object| wp_autosearch_config object| lazySizes object| vue_search_data object| urlSelectedFilters object| globals function| menuSetup function| heroSetup object| google_tag_manager object| google_tag_data object| _sz function| onYouTubeIframeAPIReady object| gaGlobal

4 Cookies

Domain/Path Name / Value
.navihealth.com/ Name: nmstat
Value: 9b0ab770-2215-98df-50c6-c0f145b2b5c5
.navihealth.com/ Name: _ga_DKPWRQ2K9P
Value: GS1.1.1679073182.1.0.1679073182.0.0.0
.navihealth.com/ Name: _ga
Value: GA1.1.572832432.1679073182
6258689.global.siteimproveanalytics.io/ Name: AWSALBCORS
Value: f+2Nx76k22YUUB0f7Xz1SfQ7Gr2yNqqivjvRkWn/Z0oW3PyBDTsJoFqyw6h4yiXM9lH7Apxh0kFKJ+4WjYDuoTDdXqFSQ2bQeTO8llwICCkl5n6uZ5xADoPl6A6x

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6258689.global.siteimproveanalytics.io
api.ipify.org
api.ipstack.com
app.leadformly.com
cdn.jsdelivr.net
cdn.ravenjs.com
fonts.googleapis.com
maxcdn.bootstrapcdn.com
navihealth.com
region1.google-analytics.com
siteimproveanalytics.com
www.googletagmanager.com
173.231.16.76
18.184.201.251
18.210.254.78
18.65.39.127
2001:4860:4802:34::36
2606:4700::6810:5814
2606:4700::6812:acf
2606:4700:e6::ac40:c518
2a00:1450:4001:809::2008
2a00:1450:4001:813::200a
2a04:4e42:200::729
34.138.172.98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0bf507ba3142aa3a2f4bf435023785c182903f6e343b8dc099867245454c577c
114372758124ae3827e66b507700a4ce7e3bc7b467fa4978818da51fafd68cbd
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
21fdfd4795139979810a9e4b682209e3ac0f11f9b1de295fe59da0eae2f1ec3f
28a6c4441297ae7092e7c40ae145261cea8359ce55458f2a8787382f50e61fd3
32231e8fed76bff1fe9435e155835eee00bafdaba650436223c1aec6e5c7b50f
37569d024102d3b4fe238db257d1df719764726a86692aca7168bd92c9393d6f
3e0a34ca1f22881df09e8884f4a6a696aba30aeb5b50d69f2c65fb6c83ac2719
462df0676d3fcb43fe72f87681ccc0567c32d17d83f5bff79eea04a33fa465ea
496782ab3334350650199579a9d11294daae0fc54cf39a37017e8d5c8d4d2dad
4b98d70b0873f3bade5ce88b3ffcc579e7d60ebfa91aa1926c4ebc4166fd84e4
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5dc46ee2193301edc4346992384f653711daf516db660ebd24e3b0423539e121
648ae54592c6cb94119d6cbd10c4bfc763732d0e06c2a3d8656961fc2020b3cf
6e7a8be3c33936cb4a87b41905f611e2e08e8d14a6a8f9c0bf4ed699ebf4b813
82a49a218fa16d65225a09c98d5860f7e30dd4d30ed326a0b3a8be87297db7fb
85155e001351db758de5c48ea02cc7073f8068f2eede614061801db96b1fca60
858813e647cc7e009a972c3ce6990a4bf6f1fdc2922d5621b7176cca9e076e46
87275bdfe7c31c968a5c5295ff8fc4db3ebec1ee0f6268631421c2032ac1449b
8c8b0b0b4a2bbe021584d1ddc6a1646747344d0e215db78645c5f5cd94aa9fce
9a81d69a4ad0e2b940210a2bd44086c1be6b2c0737ca0977230ec5dec4f323aa
9cf1a940dc87a76df5c69ddd4afeb240f4b470bb569425e4eb783f8cfe0b2b8f
9eb6905dc6fb05fc4496f7d1c29191f0abc1a5b8561fabe49d583c5254825c9c
a4f367d720fec23438ef17e4a32c05129ed2e6dd5163167c9dd0787ea1f62de5
a701b89959e07be1f0135b032bbcadc50809625ae325249a5f71647d15b96a79
a85818f26608ddfece0843b427665fc83bdcde3586bbfd36cfe171bf278b3994
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b1dcb3db74dec092112f8c5100123246c3a90cefeb63b01a84246bb55df80ac0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc3e40447e278681c7e36d2f937a4da92599cd628a9d26d82ce30a1d9c48f15e
bd761f6ff15e12c71969ee25d35e19d76d8702a55357371b41aea997f9d62489
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c9cbb4c7b8f0053f3d2212586c6b6211fe79b630a0ceb426767ea83995b16882
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd4bb690ee52ddd0c0bd61248dbaf477ddb6f7fc4ffd90ca5227354ede71f01d
ced28bc0afd68e1c2ec564af6c3490d348529de3fa9b222e1c3e0452545ff1f6
d1e6030847536d6107689f6e801d895b2269a2f6e58aa9e0c770453906422dac
d220966f271a6cf06c276bb83bc96dca8779c8c620f60ccf3238221130f41825
d82a7d3f1341676f5fe064d9603d0cfc1579e4e3788c3709ed6bcbdc3000b5d2
dacf0029703226b5a2f6313774c7cf3ed6c48ac77bab1ed3ad160ff05f8b5d3e
de17b776265dd41760c50e355313ae3a95988e0ba1a429a6d50135091ab86864
e16355e8227ed0b9a11065116c43b6ee9b9ec0fa9431086d77fb122510f0531b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f11b72978f3f04621c2e130d92527099190788f5e08f4a5ef05c72a95fcfa707