support.sanfordhealthfoundation.org Open in urlscan Pro
2606:4700::6811:fc21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://support.sanfordhealthfoundation.org/
Submission: On June 13 via automatic, source certstream-suspicious (June 13th 2021, 4:40:12 pm UTC)

Summary HTTP 75 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 26 domains to perform 75 HTTP transactions. The main IP is 2606:4700::6811:fc21, located in United States and belongs to CLOUDFLARENET, US. The main domain is support.sanfordhealthfoundation.org.
TLS certificate: Issued by Thawte TLS RSA CA G1 on September 3rd 2019. Valid for: 2 years.

This is the only time support.sanfordhealthfoundation.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6811:fc21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	13.32.2.75 13.32.2.75	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00::210:bac8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:e4:... 2606:4700:e4::ac40:ac0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	52.212.91.150 52.212.91.150	16509 (AMAZON-02) (AMAZON-02)
6 9	52.30.121.169 52.30.121.169	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206e:7600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1 3	104.111.247.190 104.111.247.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	18.194.103.106 18.194.103.106	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	3.120.242.149 3.120.242.149	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.11 185.33.221.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	82.199.68.72 82.199.68.72	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
75	30

2 2606:4700::6811:fc21 (United States)

ASN13335 (CLOUDFLARENET, US)

support.sanfordhealthfoundation.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.32.2.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-2-75.vie50.r.cloudfront.net

assets.donordrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:bac8 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e4::ac40:ac0c (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.91.150 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-91-150.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.30.121.169 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-121-169.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:7600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.247.190 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-247-190.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.103.106 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-103-106.eu-central-1.compute.amazonaws.com

18499.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.242.149 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.11 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.72 (Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	donordrive.com assets.donordrive.com	2 MB
14	adroll.com 7 redirects s.adroll.com d.adroll.com	23 KB
7	google-analytics.com www.google-analytics.com	19 KB
6	facebook.com www.facebook.com	440 B
6	facebook.net connect.facebook.net	315 KB
4	serving-sys.com 1 redirects secure-ds.serving-sys.com bs.serving-sys.com	17 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	doubleclick.net 1 redirects stats.g.doubleclick.net cm.g.doubleclick.net	349 B
3	gstatic.com fonts.gstatic.com	57 KB
2	openx.net 1 redirects us-u.openx.net	479 B
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bidswitch.net 1 redirects x.bidswitch.net	873 B
2	youtube.com www.youtube.com	41 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	googletagmanager.com www.googletagmanager.com	107 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	30 KB
2	sanfordhealthfoundation.org support.sanfordhealthfoundation.org	10 KB
1	yahoo.com ads.yahoo.com	446 B
1	siteimproveanalytics.io 18499.global.siteimproveanalytics.io	650 B
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	google.de www.google.de	63 B
1	google.com www.google.com	63 B
1	quantcount.com rules.quantcount.com	2 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
1	crazyegg.com script.crazyegg.com
75	26

	Domain	Requested by
17	assets.donordrive.com	support.sanfordhealthfoundation.org assets.donordrive.com
9	d.adroll.com	6 redirects support.sanfordhealthfoundation.org
7	www.google-analytics.com	support.sanfordhealthfoundation.org www.google-analytics.com www.googletagmanager.com
6	www.facebook.com	connect.facebook.net support.sanfordhealthfoundation.org
6	connect.facebook.net	ajax.googleapis.com connect.facebook.net support.sanfordhealthfoundation.org
5	s.adroll.com	1 redirects www.googletagmanager.com support.sanfordhealthfoundation.org s.adroll.com
3	secure-ds.serving-sys.com	1 redirects www.googletagmanager.com support.sanfordhealthfoundation.org
3	fonts.gstatic.com	fonts.googleapis.com
2	us-u.openx.net	1 redirects support.sanfordhealthfoundation.org
2	ib.adnxs.com	1 redirects support.sanfordhealthfoundation.org
2	x.bidswitch.net	1 redirects support.sanfordhealthfoundation.org
2	platform.twitter.com	ajax.googleapis.com platform.twitter.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	support.sanfordhealthfoundation.org www.googletagmanager.com
2	support.sanfordhealthfoundation.org	ajax.googleapis.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	cm.g.doubleclick.net	1 redirects
1	ads.yahoo.com	support.sanfordhealthfoundation.org
1	syndication.twitter.com	platform.twitter.com
1	18499.global.siteimproveanalytics.io	support.sanfordhealthfoundation.org
1	extend.vimeocdn.com	www.googletagmanager.com
1	pixel.quantserve.com	support.sanfordhealthfoundation.org
1	www.google.de	support.sanfordhealthfoundation.org
1	www.google.com	support.sanfordhealthfoundation.org
1	rules.quantcount.com	secure.quantserve.com
1	d.adroll.mgr.consensu.org	1 redirects
1	siteimproveanalytics.com	support.sanfordhealthfoundation.org
1	script.crazyegg.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	fonts.googleapis.com	support.sanfordhealthfoundation.org
1	ajax.googleapis.com	support.sanfordhealthfoundation.org
75	32

This site contains links to these domains. Also see Links.

Domain
sanfordhealthfoundation.org
www.sanfordhealthfoundation.org
www.facebook.com
www.linkedin.com
www.instagram.com
www.donordrive.com

Subject Issuer	Validity	Valid
support.sanfordhealthfoundation.org Thawte TLS RSA CA G1	`2019-09-03` - `2021-09-02`	2 years	crt.sh
*.donordrive.com Thawte TLS RSA CA G1	`2020-02-05` - `2022-03-06`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-09` - `2022-05-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-03-17` - `2022-03-22`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-27` - `2021-07-14`	2 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://support.sanfordhealthfoundation.org/
Frame ID: 2A6A6936E7881391C498EBBF940EF21E
Requests: 73 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fsupport.sanfordhealthfoundation.org
Frame ID: B9228AFE3B5048EC7D52AB9A6B548CC6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

75
Requests

100 %
HTTPS

63 %
IPv6

26
Domains

32
Subdomains

30
IPs

6
Countries

2546 kB
Transfer

4910 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sanfordhealthfoundation.org/

Search URL Search Domain Scan URL

URL: https://www.sanfordhealthfoundation.org/event/
Title: FIND A LOCAL EVENT

Search URL Search Domain Scan URL

URL: https://www.sanfordhealthfoundation.org/impact/
Title: annual impact report

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanfordhealthfoundation/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/showcase/sanford-health-foundation/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sanfordhealthfoundation/
Title:

Search URL Search Domain Scan URL

URL: http://www.donordrive.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://s.adroll.com/j/exp/I65OCWH5ONB6RLGM5QBNAX/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 41

https://d.adroll.mgr.consensu.org/consent/iabcheck/I65OCWH5ONB6RLGM5QBNAX?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2 HTTP 302
https://d.adroll.com/consent/check/I65OCWH5ONB6RLGM5QBNAX/?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2

Request Chain 51

https://d.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&pv=85207111285.29874&cookie=&adroll_s_ref=&keyw= HTTP 302
https://s.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/YFUMXCVVTNBRXOSM3LMZDR.js

Request Chain 60

https://d.adroll.com/cm/r/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX HTTP 302
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 61

https://d.adroll.com/cm/b/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg

Request Chain 62

https://d.adroll.com/cm/x/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX HTTP 302
https://ib.adnxs.com/setuid?entity=172&code=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg

Request Chain 64

https://d.adroll.com/cm/o/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8

Request Chain 65

https://d.adroll.com/cm/g/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=FLxvUFdrhxAcz2APdbx6qA HTTP 302
https://d.adroll.com/cm/g/in

Request Chain 66

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/10269 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
support.sanfordhealthfoundation.org/ 28 KB
8 KB 658ms
621ms Document
text/html 2606:4700::6811:fc21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:fc21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70ea2c7382a36955d038e16166c146522ceab14468ac36975e57506aa795e2c1

Request headers

:method: GET
:authority: support.sanfordhealthfoundation.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:50 GMT
content-type: text/html;charset=UTF-8
set-cookie: AWSALB=gCItWrjG9vXAsREpiqIqjaOdRs2E864zRUqjsuPgSl1GPE+wCSGwKe9D5mhLHCuo0W/ln9097Epda8HjibS5f/u9SA9StbE3J/vwrKCpLBZR1RRWkGNcloKRdDBs; Expires=Sun, 20 Jun 2021 16:39:49 GMT; Path=/ AWSALBCORS=gCItWrjG9vXAsREpiqIqjaOdRs2E864zRUqjsuPgSl1GPE+wCSGwKe9D5mhLHCuo0W/ln9097Epda8HjibS5f/u9SA9StbE3J/vwrKCpLBZR1RRWkGNcloKRdDBs; Expires=Sun, 20 Jun 2021 16:39:49 GMT; Path=/; SameSite=None; Secure CFID=1022333; Path=/; Secure; HttpOnly CFTOKEN=41e1fc040f38dbc-3E700A6B-D750-3163-BEA0271312317F22; Path=/; Secure; HttpOnly PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; Path=/ COOKIETEST=1; Path=/ __cfruid=87dc98b5ffe007092a50e20dd8a58d01a1e2d4c9-1623602390; path=/; domain=.support.sanfordhealthfoundation.org; HttpOnly; Secure; SameSite=None
content-language: en-US
vary: Accept-Encoding
x-ua-compatible: IE=Edge
cf-cache-status: DYNAMIC
cf-request-id: 0aa7d779ff00002bca4a9d4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65ecc1d66c912bca-FRA
content-encoding: gzip

GET
H2 200 dd-public.min.css
assets.donordrive.com/resources/css/ 209 KB
33 KB 248ms
135ms Stylesheet
text/css 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/css/dd-public.min.css?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ce4e41d7428308d6a65ee1dc92b56f7205039800ad906a39654b74ee54f321f6

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: CQxia4huZvzex2qRH8v8bpvlwvJoamS3
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:20:38 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"3dcaf39f7ff9106d52a47566eb831723"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
date: Sun, 13 Jun 2021 16:39:50 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: KGGsXckHe_jkgBEMVXgHKgYjN4vO9rVp52lRSsWqdFWgHSmqHIFgbA==

GET
H2 200 master.min.css
assets.donordrive.com/themes/sanfordhealth2021/css/ 104 KB
16 KB 651ms
538ms Stylesheet
text/css 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/css/master.min.css?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43ec49ecc515655e6eaf19ea501221c85c463bd5183afdd6c2f3e50563413e23

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 4k7nTK025fhrm05yMkgyqFYWYgEDUJJQ
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 17:54:45 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"f3f8cbdb09401fec1bf30845820a04f2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
date: Sun, 13 Jun 2021 16:39:51 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: fTjT4pz3KLcXvlQUiQREuxeHL6u4qKoHxaL3m9kwagmBOfsQ_y7UWw==

GET
H2 200 design-system.min.css
assets.donordrive.com/themes/_design-system/public/css/ 456 KB
33 KB 202ms
90ms Stylesheet
text/css 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/_design-system/public/css/design-system.min.css?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dd12b2e4190b646c669be3ef022b456d78aa96aa4358637e07bcb54f3e57107

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fotrNr4dXqRfQMWwmDTqi6gmyDtd1ww8
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 14:08:12 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"f241adc264be0b94c3e6b6911b7937ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
date: Sun, 13 Jun 2021 16:39:50 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: 5DXv7zdBAjAO_roos2PVb0eVshZJfQG_-21TLu0AkFdia0k4kD1dag==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:37:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 16:37:31 GMT

GET
H2 200 jquery-migrate-3.0.1.min.js Show response
assets.donordrive.com/resources/js/ 11 KB
4 KB 566ms
453ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/jquery-migrate-3.0.1.min.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3e5606a0a254e0c87a339d40975fff730cff57442ccd98580ac5cd37f412678

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 14:24:30 GMT
server: AmazonS3
etag: W/"a738b025728b6c0fd70db0a0330e31b2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: _O42n5McGDQJ555UWGMHKxn4N9GBvI1O
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: 93h4CS-7MUMIzroZuYJSzXHxAEhJsCWb6v6dVAi1irjKCd7CpPDLPA==

GET
H2 200 dd.min.js Show response
assets.donordrive.com/resources/js/ 96 KB
27 KB 588ms
476ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/dd.min.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efaa82490f1e59a161aac3b05e2b626ad2f24d87e803d61b0044d368272eca15

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 17 Dec 2020 15:13:47 GMT
server: AmazonS3
etag: W/"4b23fa569fdacc608259e5cfc5cfbddc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: BU4myvASRw31T3h_tMMlwjCxHHnT0dOk
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: gtqtp61q4JCPmy1meKeB3aZAvG3qwrxn3hCUm6w-pdYitx86SdZ6jg==

GET
H2 200 donordrive.widget.js Show response
assets.donordrive.com/resources/js/ 6 KB
2 KB 587ms
475ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/donordrive.widget.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 542875fb61be689c4bca355e3c9fbd792a31b8559a653f45eae728d4877e80fc

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Wed, 11 Nov 2020 14:24:30 GMT
server: AmazonS3
etag: W/"b5129b109b89171b41716689e6363231"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: TbfYgoJw1hd6D..tr_xCOKAOgicvAwI8
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: jFee1jk9sR1mdDE0nZiw2SR3iIY2hET_mdlta9zMOg74qzuvxQRksg==

GET
H2 200 donordrive.api.js Show response
assets.donordrive.com/resources/js/ 9 KB
3 KB 566ms
454ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/js/donordrive.api.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13144931ff2157d8c80ab37987bd1f66fa501870df0a8581ad8329df5f44c1ff

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 06 Apr 2021 13:26:45 GMT
server: AmazonS3
etag: W/"0456026f00c4cc5d18290d57802e5913"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: juXsQPnm6flK9InkIJrA3lg3SicbfM3t
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: 2WV9ePk-zJEj62BXieDLR0E_mpJc-hYEvfYwciTMV7CuoZ-IvtUmPA==

GET
H3-29 200 css2
fonts.googleapis.com/ 5 KB
625 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9939c64b68e82973408f7c213e789d236a600b89e90ba6896ce98de889e6ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 14:54:17 GMT
server: ESF
date: Sun, 13 Jun 2021 16:39:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Jun 2021 16:39:50 GMT

GET
H2 200 logoImage.png
assets.donordrive.com/sanford/images/ 4 KB
4 KB 497ms
495ms Image
image/png 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/sanford/images/logoImage.png
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 447be4df5f3fc420a093aa1c2370f5a84c4c63394ea75633be18ea504781ce1e

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jul 2019 17:49:35 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: "7f60f2fd699f12e4923c34727104a6fb"
x-cache: Miss from cloudfront
x-amz-version-id: null
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 3725
x-amz-cf-id: ZRJEPyZBu1dBREmatF_cvVhWAhkjfckspp4k2dExdCXBp2Jyf72tKA==

GET
H2 200 1296.png
assets.donordrive.com/sanford/images/$cms$/100/ 2 MB
2 MB 484ms
483ms Image
image/png 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/sanford/images/$cms$/100/1296.png
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0975267e3a7109a27fa1a413d98b868ce416917c0e1037e3a5e7411e7648c7ca

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Tue, 18 May 2021 22:10:02 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: "037414edd7c2e4e595b9bcc92490db61"
x-cache: Miss from cloudfront
x-amz-version-id: HoTQibsFucokW11uT6rDlJRz_HTWBDNg
cache-control: max-age=1800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 1583284
x-amz-cf-id: j1xa9FRPGQBHx9boZoKFyU37WrC7RLQ981wCfqan6ovPNv9VvathYA==

GET
H2 200 logo-combo-white.png
assets.donordrive.com/themes/sanfordhealth2021/img/ 6 KB
6 KB 450ms
448ms Image
image/png 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/img/logo-combo-white.png?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c31151fb27b0b1ec59d81caa7e5fb6b2e4b07cc33d3d064963016aa2eca0367

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: "4d888176833f7a0b7c68fd6030807211"
x-cache: Miss from cloudfront
x-amz-version-id: scC.rONG0o9vQwPhWTBFY66Uptj0e9Wi
cache-control: 1800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-type: image/png
content-length: 6200
x-amz-cf-id: 5DpzwiOsU2zQvjBTzasbOGCnM9GmlD891zdYlWSDHfc7uIlEA--RIQ==

GET
H2 200 icon-instagram.svg
assets.donordrive.com/themes/sanfordhealth2021/img/ 4 KB
2 KB 526ms
524ms Image
image/svg+xml 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/img/icon-instagram.svg?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb6e01f296c32e74cb3349078a2bc0510a41ef697170bd11b1f19bc7e2b09710

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"a92f64e5f416a36a073c862ee3f0fe35"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: uATw7rpyexSEXeOq9mgaX98.KdlpVeeA
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
x-amz-replication-status: COMPLETED
content-type: image/svg+xml
x-amz-cf-id: qeY12I1HibPmSWrv2PHUc5SDlsCAWt5U-5uqnBHNIZwVpVKxABJ7Gw==

GET
H2 200 dd-logo-light.svg
assets.donordrive.com/themes/resources/img/brand/ 10 KB
4 KB 67ms
66ms Image
image/svg+xml 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.donordrive.com/themes/resources/img/brand/dd-logo-light.svg?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4401f65be9f6f2c111a9c74d416b5c0dd3fca273220ee82577b37fc4f0bff1c

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: rEM2oRj2gUgcGqtx9UhqiRuDNERG451r
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 14:26:43 GMT
server: AmazonS3
age: 153
etag: W/"a0f69cc2cfcfe9653dbea1883b82c4f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
date: Sun, 13 Jun 2021 16:37:19 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: VIE50-C2
x-amz-cf-id: buLHRJ_V5FmLeDTusRAlHtso389TSCEXcoVDvYkwt8ukwNAizMC1Xg==

GET
H2 200 theme.js Show response
assets.donordrive.com/themes/sanfordhealth2021/js/theme/ 4 KB
2 KB 485ms
484ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/js/theme/theme.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9790f50564004c64e6a5d537b52e2c2d0277ff467abdd6d373772afa59ded28a

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
etag: W/"124a911e1cccf5f5b50508554ee4fd1c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 8bTWoyQsuM8OAjzV2qf_qOmOij1FT3S_
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: DPRY84BCidl1D62HC5q5fhTc8LM4ber-6oqtBS3ZfQEof8CwbRrp4Q==

GET
H2 200 nav.js Show response
assets.donordrive.com/themes/sanfordhealth2021/js/theme/ 4 KB
2 KB 484ms
484ms Script
application/javascript 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/js/theme/nav.js?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 36f04df55db83d16477f9ea11f4bff8bec6337cdb8935663f929cab51257fa2e

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
etag: W/"3aacece8696982737dfd958a7130a7bd"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: iklo8RrmRyOQ7sJwXvVB0XZAFPdyKTH_
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
cache-control: 1800
content-type: application/javascript
x-amz-cf-id: zJXNAcncATxxhlSSbEYVjQEUCB0VeUZUQUXI0gF9sUduS8Uwwfi_UQ==

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
61 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f416c2538f4bbe78af46dd000bd54ae2fcefd37753bd805f048db0c3817a368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62513
x-xss-protection: 0
last-modified: Sun, 13 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H2 200 print.min.css
assets.donordrive.com/themes/sanfordhealth2021/css/ 5 KB
2 KB 451ms
450ms Stylesheet
text/css 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/css/print.min.css?v=202106100930
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62cd0a38261c2a87e20d35a4cc20d48b57f47fa0a21870f8ed7b83ddc5a3abf5

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
content-encoding: gzip
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C2
etag: W/"bfb23c3a7a03be7645cde68e5bee341a"
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-version-id: E9hcQrYaJOSuplxFMlFKdqZGbAESZTSE
via: 1.1 2a5303ed411734ba7adcd9ff65d96392.cloudfront.net (CloudFront)
cache-control: 1800
x-amz-replication-status: COMPLETED
content-type: text/css
x-amz-cf-id: E0ZAoVl0K7xq8hPI7OPBDOItnm1PmgLGGqfKiOoMZeeTxj_cesjfmA==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a64d62d663c12b2f0b849629306773963100fae754498476494166ce16b2a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ApEwrlcD5iFiScbqJ85SBA==
cross-origin-resource-policy: cross-origin
expires: Sun, 13 Jun 2021 16:50:45 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: 2QhYCTZoEsSnK5tClkFvR63nExtiRNjLVl1lfAXVHSNUtpJDhQgcHiIk6Vbxu2hzwK/krclE+ROT89LlcBc/IA==
x-fb-content-md5: 395095dac30a5ab242d83b7809c55e64
date: Sun, 13 Jun 2021 16:39:50 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "450adfce5f344bf2523a6056e45c9978"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 6073
date: Sun, 13 Jun 2021 14:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 13 Jun 2021 16:58:37 GMT

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 12ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:48:20 GMT
x-content-type-options: nosniff
age: 129091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:48:20 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 11ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:30:08 GMT
x-content-type-options: nosniff
age: 119383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:30:08 GMT

GET
H2 200 fontawesome-webfont.woff
assets.donordrive.com/resources/font/ 43 KB
43 KB 555ms
550ms Font
binary/octet-stream 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/resources/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: assets.donordrive.com
URL: https://assets.donordrive.com/resources/css/dd-public.min.css?v=202106100930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://assets.donordrive.com/resources/css/dd-public.min.css?v=202106100930
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43572
last-modified: Wed, 11 Nov 2020 14:24:21 GMT
server: AmazonS3
etag: "b683029bafe0305ac2234038a03e1541"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Gq6uI.IxaR7D_0N6OMmqvoifXuBq29Q8
access-control-allow-origin: *
cache-control: 1800
accept-ranges: bytes
content-type: binary/octet-stream
x-amz-cf-id: 6vYZzTb_8dyOiPYYoQYhp8iYqH2jAojw9sMdHO4AGYNGGQZaXrRMKQ==

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 9ms
5ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 19:23:12 GMT
x-content-type-options: nosniff
age: 76599
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 19:23:12 GMT

GET
H2 200 tahu.woff
assets.donordrive.com/themes/sanfordhealth2021/fonts/ 36 KB
36 KB 455ms
453ms Font
binary/octet-stream 13.32.2.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.donordrive.com/themes/sanfordhealth2021/fonts/tahu.woff
Requested by: Host: assets.donordrive.com
URL: https://assets.donordrive.com/themes/sanfordhealth2021/css/master.min.css?v=202106100930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.2.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-2-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3c0e4f90e828cfcd4f2981554d34da4bfa6cd1dc46a7d651992fb533ae4e3a6

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://assets.donordrive.com/themes/sanfordhealth2021/css/master.min.css?v=202106100930
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JHelzaWDYkm4bNmxoKOWhMoAKj2_y6lV
via: 1.1 4a902cabdcc0eca6e00cc44c2a8b91da.cloudfront.net (CloudFront)
etag: "cb93dcc5da0b5a230ff590e0be2fc88d"
x-amz-cf-pop: VIE50-C2
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-length: 36708
last-modified: Mon, 15 Mar 2021 13:58:24 GMT
server: AmazonS3
date: Sun, 13 Jun 2021 16:39:52 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: 1800
accept-ranges: bytes
x-amz-cf-id: gG994uZNJkOky0zdtWxrf81HwSbh2NO0P5ogLtQa2pdxvnzkPyKsig==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 223 KB
65 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=06428432848aeb19a6477fc4ba307e43&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ffd3aef580f46de304fd6f42c980ac59968ea0bfdc369a49f2b7712fef1e16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://support.sanfordhealthfoundation.org
Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3AxiXlwiDlpcFMReZN4OyA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 66902
x-fb-rlafr: 0
x-fb-debug: byjWIs7rmeCno2lQ04nsSXy+gAiqSdVKDTBzydoBQAoB/AQLd56bUrLb6f7JTBDGCz4ZxI0YNzZoEbnl+oIMfQ==
x-fb-content-md5: 22b601f2dfcb1cb6ac87905b8908d760
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:39:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "c285607078cbf4804355b5a13189a7b2"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 13 Jun 2022 15:06:29 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-129339367-1&cid=1114790431.1623602391&jid=1098463059&gjid=1541764143&_gid=1683801711.1623602391&_u=IGBAgAABAAAAAE~&z=4862262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Jun 2021 16:39:51 GMT
content-type: text/plain
access-control-allow-origin: https://support.sanfordhealthfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=43018569&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAB~&jid=1098463059&gjid=1541764143&cid=1114790431.1623602391&tid=UA-129339367-1&_gid=1683801711.1623602391&z=1079865671

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 08:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28981
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 119 KB
46 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-31ESZMPCDS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f3c48c58dace75c148d5cf0e0b3be549bf6d5a6bad3ff12c5adced9e37ddb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46877
x-xss-protection: 0
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 43 KB
14 KB 22ms
8ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bdbd13a9da4238bc080d842dc7a9ec35b489331b7d62efb221190e1e2e7207c

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RVXD6y5am6YixIs20gc16A7S2LiJxdei
Content-Encoding: gzip
ETag: "e7e1157bceb87dc38d309f98df7a67f9"
x-amz-request-id: MZ32NXSB60KG21X7
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 13670
x-amz-id-2: 0dolC8tVzZ+EUXwNdKgzBqn22lBOFTUzjbbjLZU7W29r5KFgrwObTlLUgal7kdfmt02JuAfQPWM=
Last-Modified: Wed, 02 Jun 2021 22:36:05 GMT
Server: AmazonS3
Date: Sun, 13 Jun 2021 16:39:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 25ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
etag: "WhyxmPkT7L77qVDcrjxwGw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sun, 20 Jun 2021 16:39:51 GMT

GET
H2 410 8724.js
script.crazyegg.com/pages/scripts/0063/ 0
0 54ms
35ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0063/8724.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2021 14:35:22 GMT
server: cloudflare
age: 7469
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 65ecc1e08be72b12-FRA
content-length: 0
cf-request-id: 0aa7d7805400002b12642a2000000001

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=43018569&t=pageview&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEABAAAAAG~&jid=1702124688&gjid=1587416197&cid=1114790431.1623602391&tid=UA-100935087-1&_gid=1683801711.1623602391&_r=1&gtm=2wg690WFKDGHS&z=38215031

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.sanfordhealthfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 siteanalyze_18499.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 42ms
17ms Script
application/javascript 2606:4700:e4::ac40:ac0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_18499.js
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:ac0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a399e0911aa0af43fce06b23ea192d31d6f822f589729a09f2a2e177885f09

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2765
cf-ray: 65ecc1e098dd05e4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8111
x-amz-id-2: JI9xxgXzORSTUROax16wvStyuCgx8XaBg1Da/XeuWCnSl+NItVHn2cjMKWzV155AEf3MyEanRbg=
last-modified: Fri, 11 Jun 2021 13:49:43 GMT
server: cloudflare
etag: "295afb4f1a346f52f2237fd46036a70f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3pRZojtxsdEJyx0y0iet7mjb5CJ%2F3w2fWNWsasWjewU10fiaJ4Ej0nMK9Lx3yffLk%2FLyLPgAg9oQ6Wb84OV%2FSYQiL8YKwJIv%2BQjFcn0xr%2Fcy0HaQ7wnO5op%2B7RmoVzlVcibc%2BSVxJsRMo%2Bfn4BAI%2F4tW"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ZZZ9NFYPMW4AEHCV
cache-control: max-age=86400, no-transform
cf-request-id: 0aa7d78060000005e42baec000000001
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: 1hGySaUkj+5vCMNTnfd/h1EFEh90PTLH1+H62XU0p1pwJYDvBR7zR24fJRDAhPJKqLJTf2pARso9esgxkoP5hA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:39:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2281fa4c167ea82397491114da8ab1adbe03317c87070642210faea981b2b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H3-29 200 status
www.facebook.com/x/oauth/ 0
0 30ms
29ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=483425325570254&input_token&origin=1&redirect_uri=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=06428432848aeb19a6477fc4ba307e43&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Oj6BEGesO9jbarDzXSkNMTRtZ5OKCy31G6prFKyCn2IZTSlNdi7YSACA21Co11UT3zGVwmlQqJfr772wMxrQVQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 13 Jun 2021 16:39:51 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://support.sanfordhealthfoundation.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-100935087-1&cid=1114790431.1623602391&jid=1702124688&gjid=1587416197&_gid=1683801711.1623602391&_u=aGDAAEABAAAAAG~&z=1452192986

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 13 Jun 2021 16:39:51 GMT
content-type: text/plain
access-control-allow-origin: https://support.sanfordhealthfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 158452134738346 Show response
connect.facebook.net/signals/config/ 264 KB
75 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/158452134738346?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33853a04c41065c28257c1dc32cf997cc1c7c314e7247c0a44fb27c4c3fc3ac4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: O++eLsbNIjQlrYI3Ip4NGpnaBXNEINTXJEA0yR3H4WEaIdXl0tWUlHJ2CMrstRdib1J8YhGnS9YzOTyi5QRm6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:39:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/I65OCWH5ONB6RLGM5QBNAX/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E6Gl9B7gPbHVX38jHWUJV0Im5cXEZg8.
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: 6J6WV6RWN730WHRP
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 5fY3mOf86PHfXzznpqyZ93VnsPjHl6TGgYcWIYb8oAwsAUfC3CR9Q6oHbvANb3at/wFXTkgrlzE=
Last-Modified: Thu, 20 May 2021 19:48:38 GMT
Server: AmazonS3
Date: Sun, 13 Jun 2021 16:39:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Sun, 13 Jun 2021 16:39:51 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/ 0
773 B 214ms
203ms Script
text/javascript 2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SFHzQE7UbOU_3XihOQkWUWEGEv4jtXh5
Content-Encoding: gzip
ETag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: VWNZYZ75QHJVPY5E
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 20
x-amz-id-2: jRb1jTm2N1O2bH2KO3D22rGZFxwZVUZ5iILHMdTOSZtjD8ZH2l8Ec2Z7gEJehAOH+2nwTRgCv5w=
Last-Modified: Sun, 13 Jun 2021 00:15:25 GMT
Server: AmazonS3
Date: Sun, 13 Jun 2021 16:39:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2

200

/ Show response
d.adroll.com/consent/check/I65OCWH5ONB6RLGM5QBNAX/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/I65OCWH5ONB6RLGM5QBNAX?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2
https://d.adroll.com/consent/check/I65OCWH5ONB6RLGM5QBNAX/?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2

393 B
862 B

119ms
40ms

Script
application/javascript

52.30.121.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/I65OCWH5ONB6RLGM5QBNAX/?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.121.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-121-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 1bd3d6c7c937ea746d5ab2d9692eea7f33fa51b3cf4ad2fb4de85d0d9056168e

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-type: application/javascript
content-length: 393
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location: https://d.adroll.com/consent/check/I65OCWH5ONB6RLGM5QBNAX/?_s=d62ec454a40c3179417d16bc4bfeb5d3&_b=2
date: Sun, 13 Jun 2021 16:39:51 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 rules-p-QyB-qVn2D6mFH.js Show response
rules.quantcount.com/ 5 KB
2 KB 87ms
43ms Script
application/javascript 2600:9000:206e:7600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-QyB-qVn2D6mFH.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:7600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c30831772b9e3508554386d8beaa7cf75cf26bf30fa5de04f3628da61c4e7cc2

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:35:22 GMT
content-encoding: gzip
age: 270
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Mon, 13 Aug 2018 22:00:01 GMT
server: AmazonS3
etag: W/"452ab60ff2c30f9dc9a19b2debc0a0b5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: USFmqPvkKyP16mPXLDVk93eiqKHA6x-vj3xVDDPp0qrNT0B70dwicw==

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 157ms
155ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-100935087-1&cid=1114790431.1623602391&jid=1702124688&_u=aGDAAEABAAAAAG~&z=810721648

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 59ms
57ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-100935087-1&cid=1114790431.1623602391&jid=1702124688&_u=aGDAAEABAAAAAG~&z=810721648

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-widgetapi.js Show response
www.youtube.com/s/player/a7cbbf24/www-widgetapi.vflset/ 122 KB
40 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a7cbbf24/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fcf8378d662c036e1412af20e143aa1ed6bd0e7eac1cb1d72a15d29e56b403a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 22:30:09 GMT
server: sffe
age: 674
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41367
x-xss-protection: 0
expires: Mon, 13 Jun 2022 16:28:37 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 13ms
12ms Ping
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-31ESZMPCDS&gtm=2oe690&_p=43018569&sr=1600x1200&ul=en-us&cid=1114790431.1623602391&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&dt=Sanford%20Health%20Foundation&sid=1623602391&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-31ESZMPCDS&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.sanfordhealthfoundation.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1530208326;labels=Audience%2C_fp.event.Foundation%20domain;source=gtm;rf=0;a=p-QyB-qVn2D6mFH;url=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-711...
pixel.quantserve.com/ 35 B
372 B 12ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1530208326;labels=Audience%2C_fp.event.Foundation%20domain;source=gtm;rf=0;a=p-QyB-qVn2D6mFH;url=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-71169349-1623602391234;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=82efd7d8-20210517233434;cm=;gdpr=0;ref=;d=sanfordhealthfoundation.org;je=0;sr=1600x1200x24;dst=1;et=1623602391234;tzo=-120;ogl=site_name.Sanford%20Health%20Foundation%2Ctype.website%2Curl.https%3A%2F%2Fsupport%252Esanfordhealthfoundation%252Eorg%2F%2Ctitle.I'm%20supporting%20Sanford%20Health%20Foundation!%2Cdescription.The%20Sanford%20Health%20Foundation%20is%20the%20fundraising%20arm%20for%20Sanford%20Health%252E%20Our%20wor%2Cimage.https%3A%2F%2Fassets%252Edonordrive%252Ecom%2F%3Fv%3D202106100930

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 289709695609602 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 85ms
84ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/289709695609602?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c751a1f9d03e54319c480048ea5c9f87e1cd85308040ae119deb86182cd59192

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Dz2ymGVz1cCanyNfqgmr2Gs6a/WmfF8CMBxBgbPCZ5I9tSzvPXSvKl0uOnojw5SPPhP6ab7dFAEUSm+B5TL3/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:39:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=PageView&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&rl=&if=false&ts=1623602391264&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1623602391263.438157100&it=1623602391135&coo=false&rqm=GET

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=289709695609602&ev=PageView&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&rl=&if=false&ts=1623602391365&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1623602391263.438157100&it=1623602391135&coo=false&rqm=GET

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H/1.1

200
OK

YFUMXCVVTNBRXOSM3LMZDR.js Show response
s.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/
Redirect Chain

https://d.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch...
https://s.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/YFUMXCVVTNBRXOSM3LMZDR.js

3 KB
2 KB

184ms
183ms

Script
text/javascript

2a02:26f0:6c00::210:bac8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/YFUMXCVVTNBRXOSM3LMZDR.js
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bac8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9be1280c7afe73c1207086bbb798713acf3ecab0ec166ccce0011f63daa181

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: p0UcpDfFXgwwXcUtsqxDLobOJLqVn3dr
Content-Encoding: gzip
ETag: "e36912396bdcd173af9719c23a4f0e2c"
x-amz-request-id: J03NFW9WFVYFFQVC
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1351
x-amz-id-2: 5sviIwlo2FRlvoj5aGok/RtqG9pq645TWwU60GO81rngde68pnAJBbFuCEboSGnS5B+Kau4BIJI=
Last-Modified: Tue, 08 Dec 2020 23:14:16 GMT
Server: AmazonS3
Date: Sun, 13 Jun 2021 16:39:51 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
x-conversion-value: 0.00
server: nginx/1.18.0
x-rule: *
date: Sun, 13 Jun 2021 16:39:51 GMT
x-segment-eid: YFUMXCVVTNBRXOSM3LMZDR
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://s.adroll.com/pixel/I65OCWH5ONB6RLGM5QBNAX/RRP4GEH57FHD5O3UHOCYAC/YFUMXCVVTNBRXOSM3LMZDR.js
cache-control: no-store, no-cache, must-revalidate
x-segment-display-name: Visitors to Unsegmented Pages
x-pixel-eid: RRP4GEH57FHD5O3UHOCYAC
x-segment-name: *
x-advertisable-eid: I65OCWH5ONB6RLGM5QBNAX
content-length: 0
x-conversion-currency

GET
H2 200 17092940.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 100ms
30ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/17092940.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
age: 29948642
x-cache: HIT
x-cache-hits: 49306
content-length: 5672
x-served-by: cache-fra19133-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1623602392.559809,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 135ms
63ms Script
application/javascript 104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFKDGHS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/2.5
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=409
accept-ranges: bytes
content-length: 15848

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E0) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:39:51 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67E0)
Age: 1368
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2 200 index.cfm Show response
support.sanfordhealthfoundation.org/ 3 KB
2 KB 660ms
660ms XHR
application/javascript 2606:4700::6811:fc21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://support.sanfordhealthfoundation.org/index.cfm?fuseaction=widgets.ajaxWidgetCompileHTML&callback=jsonpCallback&language=en&type0=search&showheader0=false&searchplaceholder0=Fundraiser%20Search&type1=login&showheader1=false
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:fc21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81a31a3324ebe56c4078c2053ec4ddec1f1a84c2ea52e91c9bf4a0365fa34c6c

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: AWSALB=gCItWrjG9vXAsREpiqIqjaOdRs2E864zRUqjsuPgSl1GPE+wCSGwKe9D5mhLHCuo0W/ln9097Epda8HjibS5f/u9SA9StbE3J/vwrKCpLBZR1RRWkGNcloKRdDBs; AWSALBCORS=gCItWrjG9vXAsREpiqIqjaOdRs2E864zRUqjsuPgSl1GPE+wCSGwKe9D5mhLHCuo0W/ln9097Epda8HjibS5f/u9SA9StbE3J/vwrKCpLBZR1RRWkGNcloKRdDBs; CFID=1022333; CFTOKEN=41e1fc040f38dbc-3E700A6B-D750-3163-BEA0271312317F22; PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; COOKIETEST=1; __cfruid=87dc98b5ffe007092a50e20dd8a58d01a1e2d4c9-1623602390; _ga=GA1.3.1114790431.1623602391; _gid=GA1.3.1683801711.1623602391; _gat=1; _gcl_au=1.1.2034809866.1623602391; _gid=GA1.2.1683801711.1623602391; _gat_UA-100935087-1=1; _ga_31ESZMPCDS=GS1.1.1623602391.1.0.1623602391.0; _ga=GA1.1.1114790431.1623602391; __qca=P0-71169349-1623602391234; _fbp=fb.1.1623602391263.438157100; __adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390; __ar_v4=
:path: /index.cfm?fuseaction=widgets.ajaxWidgetCompileHTML&callback=jsonpCallback&language=en&type0=search&showheader0=false&searchplaceholder0=Fundraiser%20Search&type1=login&showheader1=false
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: support.sanfordhealthfoundation.org
referer: https://support.sanfordhealthfoundation.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://support.sanfordhealthfoundation.org/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: en-US
content-type: application/javascript;charset=UTF-8
x-robots-tag: noindex
set-cookie: AWSALB=uvw7ZpfZdzVKuwk5IqRPe61FNF8J0XjHSrPI8Kscii2lB5B0FE0qvfmAOkSzsBJk2s6OvKeWiqsDXIKycFkE93QHE8MP6lEY4ZvVHdXeHlNrWVKwL/y0XMF7WOzK; Expires=Sun, 20 Jun 2021 16:39:51 GMT; Path=/ AWSALBCORS=uvw7ZpfZdzVKuwk5IqRPe61FNF8J0XjHSrPI8Kscii2lB5B0FE0qvfmAOkSzsBJk2s6OvKeWiqsDXIKycFkE93QHE8MP6lEY4ZvVHdXeHlNrWVKwL/y0XMF7WOzK; Expires=Sun, 20 Jun 2021 16:39:51 GMT; Path=/; SameSite=None; Secure PUBLICAPPLANGUAGE=DEFAULT%3Ben%5FUS; Path=/
cf-ray: 65ecc1e2cd612bca-FRA
content-length: 1490
cf-request-id: 0aa7d781c200002bcaee138000000001
x-ua-compatible: IE=Edge

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame B922 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fsupport.sanfordhealthfoundation.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://support.sanfordhealthfoundation.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://support.sanfordhealthfoundation.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 244496
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 13 Jun 2021 16:39:51 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6760)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H/1.1 200
OK image.aspx
18499.global.siteimproveanalytics.io/ 34 B
650 B 135ms
30ms Image
image/gif 18.194.103.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://18499.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&title=Sanford%20Health%20Foundation&res=1600x1200&accountid=18499&rt=2059&prev=2586c6e8-2ad4-4af0-8be4-6ccb93c0f300&luid=57eef7fc-1a18-85a1-ddb9-36a9cef4ff18&rnd=14671
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.103.106 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-103-106.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 13 Jun 2021 16:39:51 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Sun, 13 Jun 2021 16:39:51 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame B922 256 B
441 B 220ms
151ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=c8466fe9d4297d190e503a0d96153acdb5e5270b

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fsupport.sanfordhealthfoundation.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
content-encoding: gzip
last-modified: Sun, 13 Jun 2021 16:39:51 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: ca793d15eaefa6a42f8666e9e6bad6d083fc6819ad0ddf3ce6a21699382362f0
content-length: 176

GET
H3-29 200 115500129073534 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/115500129073534?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e4baaa2be1a22e22b081897a4db591f27315b6d5d2b1b27f242fe25777bd972f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: PX/FI4gl3t62dQrsJ0JVfQm3XpwouO72WoZs/9ZPbT41cYt6OvRvdxGNm58WtzLC6+5eztj1qqtxGdawe1toUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 13 Jun 2021 16:39:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://d.adroll.com/cm/r/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX
https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

0
446 B

21ms
7ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

location: https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx/1.18.0
content-length: 165
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

GET
H2

200

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX
https://x.bidswitch.net/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg

43 B
345 B

36ms
36ms

Image
image/gif

3.120.242.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.242.149 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-242-149.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg
date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX
https://ib.adnxs.com/setuid?entity=172&code=MTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg

43 B
1 KB

30ms
30ms

Image
image/gif

185.33.221.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:39:51 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: f57a6f69-34d9-4d14-830b-b07d762ee83a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:39:51 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.153:80
AN-X-Request-Uuid: 0f2eba72-1f71-4aa3-b827-96e64c69c0d2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMTRiYzZmNTA1NzZiODcxMDFjY2Y2MDBmNzViYzdhYTg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 out
d.adroll.com/cm/l/ 42 B
180 B 41ms
39ms Image
image/gif 52.30.121.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/l/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.121.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-121-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.18.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX
https://us-u.openx.net/w/1.0/sd?id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8

43 B
180 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.208.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
via: 1.1 google
server: OXGW/16.208.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=14bc6f50576b87101ccf600f75bc7aa8
date: Sun, 13 Jun 2021 16:39:51 GMT
via: 1.1 google
server: OXGW/16.208.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?adroll_fpc=806be328cf6121116cf0f4c8157f6b2d-1623602391390&arrfrr=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&xid_ch=f&advertisable=I65OCWH5ONB6RLGM5QBNAX&goog...
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=FLxvUFdrhxAcz2APdbx6qA
https://d.adroll.com/cm/g/in

42 B
536 B

39ms
39ms

Image
image/gif

52.30.121.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.121.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-121-169.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
server: nginx/1.18.0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
content-length: 42
x-result: g.-1.-1.-1

Redirect headers

pragma: no-cache
date: Sun, 13 Jun 2021 16:39:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/9/10269
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
186 B

35ms
34ms

XHR
application/json

104.111.247.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.247.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-247-190.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server
x-powered-by: ARR/2.5
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Sun, 13 Jun 2021 16:39:51 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=115500129073534&ev=PageView&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&rl=&if=false&ts=1623602391716&cd[segment_eid]=YFUMXCVVTNBRXOSM3LMZDR&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=29&fbp=fb.1.1623602391263.438157100&it=1623602391135&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=Microdata&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&rl=&if=false&ts=1623602391767&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20Health%20Foundation%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Sanford%20Health%20Foundation%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F%22%2C%22og%3Atitle%22%3A%22I%27m%20supporting%20Sanford%20Health%20Foundation!%22%2C%22og%3Adescription%22%3A%22The%20Sanford%20Health%20Foundation%20is%20the%20fundraising%20arm%20for%20Sanford%20Health.%20Our%20work%20helps%20the%20health%20system%20enhance%20the%20lives%2C%20health%20and%20hope%20of%20the%20patients%20it%20serves.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donordrive.com%2F%3Fv%3D202106100930%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1623602391263.438157100&it=1623602391135&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=289709695609602&ev=Microdata&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&rl=&if=false&ts=1623602391866&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20Health%20Foundation%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Sanford%20Health%20Foundation%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F%22%2C%22og%3Atitle%22%3A%22I%27m%20supporting%20Sanford%20Health%20Foundation!%22%2C%22og%3Adescription%22%3A%22The%20Sanford%20Health%20Foundation%20is%20the%20fundraising%20arm%20for%20Sanford%20Health.%20Our%20work%20helps%20the%20health%20system%20enhance%20the%20lives%2C%20health%20and%20hope%20of%20the%20patients%20it%20serves.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.donordrive.com%2F%3Fv%3D202106100930%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1623602391263.438157100&it=1623602391135&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: support.sanfordhealthfoundation.org
URL: https://support.sanfordhealthfoundation.org/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 13 Jun 2021 16:39:51 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 385 B
1 KB 225ms
51ms Script
text/html 82.199.68.72
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10269&dispType=js&sync=0&sessionid=2737466235958039742&pageurl=$$https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F$$&activityValues=$$Session%3D2521388627684709899$$&ns=0&rnd=5569265485608266
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.72 , Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 689378d3f77d64c6883fc415efde96a5db0344c53a9927b19e5f8597ea9cf98c

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 13 Jun 2021 16:39:51 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 290
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=43018569&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=percent&el=10&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1114790431.1623602391&tid=UA-100935087-1&_gid=1683801711.1623602391&gtm=2wg690WFKDGHS&z=1570324785

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 08:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=43018569&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=percent&el=25&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1114790431.1623602391&tid=UA-100935087-1&_gid=1683801711.1623602391&gtm=2wg690WFKDGHS&z=1972707264

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 08:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=43018569&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsupport.sanfordhealthfoundation.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=percent&el=50&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=1114790431.1623602391&tid=UA-100935087-1&_gid=1683801711.1623602391&gtm=2wg690WFKDGHS&z=1775206497

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://support.sanfordhealthfoundation.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Jun 2021 08:36:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 28982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
support.sanfordhealthfoundation.org/	1970-01-19 19:10:07	Name: AWSALB Value: uvw7ZpfZdzVKuwk5IqRPe61FNF8J0XjHSrPI8Kscii2lB5B0FE0qvfmAOkSzsBJk2s6OvKeWiqsDXIKycFkE93QHE8MP6lEY4ZvVHdXeHlNrWVKwL/y0XMF7WOzK
.sanfordhealthfoundation.org/	1970-01-20 12:31:14	Name: _ga Value: GA1.2.1114790431.1623602391
.support.sanfordhealthfoundation.org/	1970-01-20 03:45:38	Name: __ar_v4 Value: %7CI65OCWH5ONB6RLGM5QBNAX%3A20210613%3A1%7CRRP4GEH57FHD5O3UHOCYAC%3A20210613%3A1%7CYFUMXCVVTNBRXOSM3LMZDR%3A20210613%3A1
.sanfordhealthfoundation.org/	1970-01-19 21:09:38	Name: _fbp Value: fb.1.1623602391263.438157100
.sanfordhealthfoundation.org/	1970-01-20 12:31:14	Name: _ga_31ESZMPCDS Value: GS1.1.1623602391.1.0.1623602391.0
.support.sanfordhealthfoundation.org/	1970-01-20 12:31:14	Name: _ga Value: GA1.3.1114790431.1623602391
.sanfordhealthfoundation.org/	1970-01-19 19:00:02	Name: _gat_UA-100935087-1 Value: 1
support.sanfordhealthfoundation.org/	1970-01-19 19:10:07	Name: AWSALBCORS Value: uvw7ZpfZdzVKuwk5IqRPe61FNF8J0XjHSrPI8Kscii2lB5B0FE0qvfmAOkSzsBJk2s6OvKeWiqsDXIKycFkE93QHE8MP6lEY4ZvVHdXeHlNrWVKwL/y0XMF7WOzK
.sanfordhealthfoundation.org/	1970-01-19 19:01:28	Name: _gid Value: GA1.2.1683801711.1623602391
.sanfordhealthfoundation.org/	1970-01-20 19:00:02	Name: nmstat Value: 2586c6e8-2ad4-4af0-8be4-6ccb93c0f300
.support.sanfordhealthfoundation.org/	1970-01-19 19:00:02	Name: _gat Value: 1
support.sanfordhealthfoundation.org/	1969-12-31 23:59:59	Name: CFTOKEN Value: 41e1fc040f38dbc-3E700A6B-D750-3163-BEA0271312317F22
.support.sanfordhealthfoundation.org/	1969-12-31 23:59:59	Name: __cfruid Value: 87dc98b5ffe007092a50e20dd8a58d01a1e2d4c9-1623602390
support.sanfordhealthfoundation.org/	1969-12-31 23:59:59	Name: PUBLICAPPLANGUAGE Value: DEFAULT%3Ben%5FUS
support.sanfordhealthfoundation.org/	1969-12-31 23:59:59	Name: CFID Value: 1022333
.sanfordhealthfoundation.org/	1970-01-19 21:09:38	Name: _gcl_au Value: 1.1.2034809866.1623602391
.support.sanfordhealthfoundation.org/	1970-01-20 03:45:59	Name: __adroll_fpc Value: 806be328cf6121116cf0f4c8157f6b2d-1623602391390
support.sanfordhealthfoundation.org/	1969-12-31 23:59:59	Name: COOKIETEST Value: 1
.sanfordhealthfoundation.org/	1970-01-20 04:24:31	Name: __qca Value: P0-71169349-1623602391234
.support.sanfordhealthfoundation.org/	1970-01-19 19:01:28	Name: _gid Value: GA1.3.1683801711.1623602391

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18499.global.siteimproveanalytics.io
ads.yahoo.com
ajax.googleapis.com
assets.donordrive.com
bs.serving-sys.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
pixel.quantserve.com
platform.twitter.com
rules.quantcount.com
s.adroll.com
script.crazyegg.com
secure-ds.serving-sys.com
secure.quantserve.com
siteimproveanalytics.com
stats.g.doubleclick.net
support.sanfordhealthfoundation.org
syndication.twitter.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
104.111.247.190
104.244.42.8
13.32.2.75
142.250.185.98
151.101.14.109
18.194.103.106
185.33.221.11
2600:9000:206e:7600:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6811:fc21
2606:4700::6813:9408
2606:4700:e4::ac40:ac0c
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7001
2a00:1450:4001:800::2008
2a00:1450:4001:800::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
2a02:26f0:6c00::210:bac8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.242.149
35.244.159.8
52.212.91.150
52.30.121.169
82.199.68.72
0975267e3a7109a27fa1a413d98b868ce416917c0e1037e3a5e7411e7648c7ca
0bdbd13a9da4238bc080d842dc7a9ec35b489331b7d62efb221190e1e2e7207c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13144931ff2157d8c80ab37987bd1f66fa501870df0a8581ad8329df5f44c1ff
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1bd3d6c7c937ea746d5ab2d9692eea7f33fa51b3cf4ad2fb4de85d0d9056168e
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ffd3aef580f46de304fd6f42c980ac59968ea0bfdc369a49f2b7712fef1e16e
33853a04c41065c28257c1dc32cf997cc1c7c314e7247c0a44fb27c4c3fc3ac4
36f04df55db83d16477f9ea11f4bff8bec6337cdb8935663f929cab51257fa2e
3f3c48c58dace75c148d5cf0e0b3be549bf6d5a6bad3ff12c5adced9e37ddb71
3f416c2538f4bbe78af46dd000bd54ae2fcefd37753bd805f048db0c3817a368
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
43ec49ecc515655e6eaf19ea501221c85c463bd5183afdd6c2f3e50563413e23
447be4df5f3fc420a093aa1c2370f5a84c4c63394ea75633be18ea504781ce1e
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
542875fb61be689c4bca355e3c9fbd792a31b8559a653f45eae728d4877e80fc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5fcf8378d662c036e1412af20e143aa1ed6bd0e7eac1cb1d72a15d29e56b403a
62cd0a38261c2a87e20d35a4cc20d48b57f47fa0a21870f8ed7b83ddc5a3abf5
689378d3f77d64c6883fc415efde96a5db0344c53a9927b19e5f8597ea9cf98c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70ea2c7382a36955d038e16166c146522ceab14468ac36975e57506aa795e2c1
7dd12b2e4190b646c669be3ef022b456d78aa96aa4358637e07bcb54f3e57107
81a31a3324ebe56c4078c2053ec4ddec1f1a84c2ea52e91c9bf4a0365fa34c6c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8c31151fb27b0b1ec59d81caa7e5fb6b2e4b07cc33d3d064963016aa2eca0367
9790f50564004c64e6a5d537b52e2c2d0277ff467abdd6d373772afa59ded28a
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9a64d62d663c12b2f0b849629306773963100fae754498476494166ce16b2a6e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a9939c64b68e82973408f7c213e789d236a600b89e90ba6896ce98de889e6ec8
ad9be1280c7afe73c1207086bbb798713acf3ecab0ec166ccce0011f63daa181
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b3c0e4f90e828cfcd4f2981554d34da4bfa6cd1dc46a7d651992fb533ae4e3a6
bba4d46952f094b62205fe06e4a78114cac5d934971925a4716ef40c33f96012
c30831772b9e3508554386d8beaa7cf75cf26bf30fa5de04f3628da61c4e7cc2
c751a1f9d03e54319c480048ea5c9f87e1cd85308040ae119deb86182cd59192
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
ce4e41d7428308d6a65ee1dc92b56f7205039800ad906a39654b74ee54f321f6
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d2281fa4c167ea82397491114da8ab1adbe03317c87070642210faea981b2b72
d9a399e0911aa0af43fce06b23ea192d31d6f822f589729a09f2a2e177885f09
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5606a0a254e0c87a339d40975fff730cff57442ccd98580ac5cd37f412678
e4baaa2be1a22e22b081897a4db591f27315b6d5d2b1b27f242fe25777bd972f
eb6e01f296c32e74cb3349078a2bc0510a41ef697170bd11b1f19bc7e2b09710
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaa82490f1e59a161aac3b05e2b626ad2f24d87e803d61b0044d368272eca15
f4401f65be9f6f2c111a9c74d416b5c0dd3fca273220ee82577b37fc4f0bff1c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

support.sanfordhealthfoundation.org Open in urlscan Pro 2606:4700::6811:fc21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

75 Requests

100 %HTTPS

63 %IPv6

26 Domains

32 Subdomains

30 IPs

6 Countries

2546 kBTransfer

4910 kBSize

20 Cookies

7 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

support.sanfordhealthfoundation.org Open in urlscan Pro
2606:4700::6811:fc21 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

100 %
HTTPS

63 %
IPv6

26
Domains

32
Subdomains

30
IPs

6
Countries

2546 kB
Transfer

4910 kB
Size

20
Cookies

75 HTTP transactions
0 data transactions