www.gundersenhealth.org Open in urlscan Pro
2606:4700::6812:ef9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gundersenhealth.org/
Effective URL:
https://www.gundersenhealth.org/
Submission: On March 16 via api (March 16th 2024, 11:51:57 pm UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2606:4700::6812:ef9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.gundersenhealth.org. The Cisco Umbrella rank of the primary domain is 557034.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 1st 2023. Valid for: a year.

This is the only time www.gundersenhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:ff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 25	2606:4700::68... 2606:4700::6812:ef9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100::1720:ef23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100::1720:ef43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:20:... 2606:4700:20::ac43:45ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.192.233.173 18.192.233.173	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
8	50.16.126.230 50.16.126.230	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
5	52.216.216.168 52.216.216.168	16509 (AMAZON-02) (AMAZON-02)
44	11

1 2606:4700::6812:ff9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gundersenhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2606:4700::6812:ef9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.gundersenhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:ef23 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::1720:ef43 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:45ce (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.233.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-233-173.eu-central-1.compute.amazonaws.com

6293840.global.r2.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.16.126.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-126-230.compute-1.amazonaws.com

web2.production.gyantts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.216.216.168 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	gundersenhealth.org 2 redirects www.gundersenhealth.org — Cisco Umbrella Rank: 557034	958 KB
8	gyantts.com web2.production.gyantts.com — Cisco Umbrella Rank: 87891	381 KB
5	amazonaws.com s3.amazonaws.com	77 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 473 p.typekit.net — Cisco Umbrella Rank: 574	1 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 263	510 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 682	16 KB
1	siteimproveanalytics.io 6293840.global.r2.siteimproveanalytics.io — Cisco Umbrella Rank: 606185	149 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 7785	4 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3836	10 KB
44	9

	Domain	Requested by
26	www.gundersenhealth.org	2 redirects www.gundersenhealth.org
8	web2.production.gyantts.com	www.gundersenhealth.org web2.production.gyantts.com
5	s3.amazonaws.com	client s3.amazonaws.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.gundersenhealth.org
1	6293840.global.r2.siteimproveanalytics.io	www.gundersenhealth.org
1	browser-update.org	www.gundersenhealth.org
1	p.typekit.net	use.typekit.net
1	use.typekit.net	www.gundersenhealth.org
1	siteimproveanalytics.com	www.gundersenhealth.org
44	10

This site contains links to these domains. Also see Links.

Domain
ghsedge.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
www.youtube.com
quartzbenefits.com
www.fabrichealth.com

Subject Issuer	Validity	Valid
gundersenhealth.org Cloudflare Inc ECC CA-3	`2023-06-01` - `2024-05-30`	a year	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-01` - `2025-03-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-06` - `2024-05-05`	a year	crt.sh
*.global.r2.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
web2.production.gyantts.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.gundersenhealth.org/
Frame ID: 34DC086A029D28EE2F3C837E0CC83F93
Requests: 39 HTTP requests in this frame

Frame: https://www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 43C940AE139E731A0ADF995D84DC16D8
Requests: 2 HTTP requests in this frame

Frame: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Frame ID: 3C1D6457141A30836646E5CEAB0FA263
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Gundersen Health System Hospitals & Clinics I Gundersen

Page URL History Show full URLs

http://www.gundersenhealth.org/ HTTP 301
https://www.gundersenhealth.org/ Page URL

Page Statistics

44
Requests

98 %
HTTPS

64 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

1448 kB
Transfer

4642 kB
Size

10
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://ghsedge.com/
Title: Gundersen Edge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gundersenhealth?keyword=la%2520crosee

Search URL Search Domain Scan URL

URL: https://twitter.com/gundersenhealth?keyword=la%2520crosee

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/gundersen-health-system/?keyword=la%2520crosee

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gundersenhealthsystem/?keyword=la%2520crosee

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/GundersenLutheran

Search URL Search Domain Scan URL

URL: https://quartzbenefits.com/
Title: Quartz Benefits

Search URL Search Domain Scan URL

URL: https://www.fabrichealth.com/
Title: Fabric

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gundersenhealth.org/ HTTP 301
https://www.gundersenhealth.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.gundersenhealth.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

44 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gundersenhealth.org/
Redirect Chain

http://www.gundersenhealth.org/
https://www.gundersenhealth.org/

83 KB
23 KB

59ms
42ms

Document
text/html

2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

241a4c930a7bd2bb1ed629cd4865bdaa1ea3ba7e23e41fd6e2b2c7405e81d477

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	report-uri /report-csp-violation
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3438
cache-control: public, max-age=86400
cf-cache-status: HIT
cf-ray: 8658a75c1f973a9c-FRA
content-encoding: gzip
content-language: en
content-security-policy: report-uri /report-csp-violation
content-type: text/html; charset=UTF-8
date: Sat, 16 Mar 2024 23:51:53 GMT
expires: Sun, 17 Mar 2024 23:51:53 GMT
last-modified: Sat, 16 Mar 2024 18:46:04 GMT
server: cloudflare
strict-transport-security: max-age=15552000
vary: X-Geo-Country,Accept-Encoding
via: varnish
x-ah-environment: prod
x-cache: HIT
x-cache-hits: 22
x-content-security-policy: report-uri /report-csp-violation
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-request-id: v-716f3b04-e3c5-11ee-ba92-47f718177874
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8658a75bead91ac5-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 16 Mar 2024 23:51:52 GMT
Expires: Sun, 17 Mar 2024 00:51:52 GMT
Location: https://www.gundersenhealth.org/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2 200 css_4omtejt7e3OPVVw1CtempLONnpMJZgk-UtnD1afQrt0.css
www.gundersenhealth.org/sites/default/files/css/ 21 KB
6 KB 20ms
19ms Stylesheet
text/css 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/sites/default/files/css/css_4omtejt7e3OPVVw1CtempLONnpMJZgk-UtnD1afQrt0.css?delta=0&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4cb8f16cc3a7a6e989e07694071e14a15319bdec083376a419d569d4ef98bf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 207
date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=15552000
age: 275010
x-cache: HIT
x-ah-environment: prod
content-length: 5708
x-request-id: v-39bceeac-dca6-11ee-b30d-77fe2ef28208
last-modified: Thu, 07 Mar 2024 17:14:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fcc3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css
www.gundersenhealth.org/sites/default/files/css/ 328 KB
44 KB 28ms
27ms Stylesheet
text/css 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb3c5adbbdf2f72f7dbca8d8467fef1db700dbcadfd63dcc1433e3f174ea99d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 27
date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=15552000
age: 193407
x-cache: HIT
x-ah-environment: prod
content-length: 45218
x-request-id: v-52c720fa-e199-11ee-9153-2b89cd64057e
last-modified: Thu, 07 Mar 2024 17:15:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fcd3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 js_rBoV20RkPqCcoruPmno7s7GDiQlaoISsRekA2BPKt_Q.js Show response
www.gundersenhealth.org/sites/default/files/js/ 8 KB
3 KB 18ms
18ms Script
text/javascript 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/sites/default/files/js/js_rBoV20RkPqCcoruPmno7s7GDiQlaoISsRekA2BPKt_Q.js?scope=header&delta=0&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14121d1a0777e9e328ef65cc1cc4d1bd1ace27b943954eb83dde1c1474d02aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 218
date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=15552000
age: 275010
x-cache: HIT
x-ah-environment: prod
content-length: 2774
x-request-id: v-35afc172-dca6-11ee-9e9a-bb7b3c3b22ae
last-modified: Thu, 07 Mar 2024 17:14:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fce3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 outline.js Show response
www.gundersenhealth.org/themes/custom/outline_frontend/dist/ 2 MB
375 KB 20ms
20ms Script
application/javascript 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/dist/outline.js?s9zmkc

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1979d29f23c475575b9e29dab554df939d3207da103275b7ed46d1daf942903

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 518
date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=15552000
age: 279691
x-cache: HIT
x-ah-environment: prod
content-length: 383146
x-request-id: v-33ed878e-dca6-11ee-881f-ef1068623f2f
last-modified: Thu, 07 Mar 2024 16:55:55 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fd03a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 woman-with-her-hands-in-heart-shape.png.webp
www.gundersenhealth.org/sites/default/files/styles/medium_uncropped_600/public/acquiadam_assets/2023-02/ 13 KB
13 KB 27ms
27ms Image
image/png 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/medium_uncropped_600/public/acquiadam_assets/2023-02/woman-with-her-hands-in-heart-shape.png.webp?itok=rGNRaV-9

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd1e821c5f34b9d6b523b35da0ef47b833354317097e1b5fb219bd035287c1e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 109
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 287732
x-cache: HIT
x-ah-environment: prod
content-length: 13272
x-request-id: v-04f26c30-de1b-11ee-bf62-3325318f9094
last-modified: Fri, 14 Apr 2023 16:51:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fd43a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 gundersen-bellin-merger-talk.png.webp
www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/2022-10/ 17 KB
17 KB 28ms
27ms Image
image/png 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/2022-10/gundersen-bellin-merger-talk.png.webp?itok=cd0dmOBW

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51365348552d14aff7ca80265ee1162d383a1477559e22ea4909c8f8f44f3545

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 117
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275009
x-cache: HIT
x-ah-environment: prod
content-length: 17386
x-request-id: v-6f64abfc-d310-11ee-bf06-af71c2c42687
last-modified: Thu, 17 Nov 2022 14:11:26 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75c6fd73a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 mycharthome%20%281%29.jpg.webp
www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/2022-06/ 6 KB
6 KB 20ms
19ms Image
image/jpeg 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/2022-06/mycharthome%20%281%29.jpg.webp?itok=-pbGgRtw

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a1f9924968de5e857a782914d0dc09daa5b8c878f82761284d38baf74fd996

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 114
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275009
x-cache: HIT
x-ah-environment: prod
content-length: 6436
x-request-id: v-06194f4e-de01-11ee-b44c-a7e1245ec4cc
cf-bgj: h2pri
last-modified: Thu, 01 Sep 2022 16:31:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75ca8013a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 registered-nurse-smiling-at-camera.png.webp
www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/acquiadam_assets/2023-03/ 9 KB
9 KB 19ms
18ms Image
image/png 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/medium_16_9_530_300/public/acquiadam_assets/2023-03/registered-nurse-smiling-at-camera.png.webp?itok=06IE4_0A

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41338ccb4393698b45700f0fef008a608a3da811420417007655dab6a1bd6c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 121
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275008
x-cache: HIT
x-ah-environment: prod
content-length: 9110
x-request-id: v-001cafc4-de0a-11ee-9812-3fc62d564606
last-modified: Thu, 27 Apr 2023 13:44:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75ca8023a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 js_0yHcOWup1yVS0uDLvqZk8c9ekDM0CHkh2xx-om6JpSI.js Show response
www.gundersenhealth.org/sites/default/files/js/ 177 KB
55 KB 20ms
20ms Script
text/javascript 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/sites/default/files/js/js_0yHcOWup1yVS0uDLvqZk8c9ekDM0CHkh2xx-om6JpSI.js?scope=footer&delta=0&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44bfcda553bfa1259b720e6ac5fbe6a93cc196c16da89fc7f9fab5051ffbc5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 213
date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
via: varnish
strict-transport-security: max-age=15552000
age: 275008
x-cache: HIT
x-ah-environment: prod
content-length: 56064
x-request-id: v-39be1822-dca6-11ee-a2fd-87c47fa90b03
last-modified: Thu, 07 Mar 2024 17:14:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75cc80f3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 siteanalyze_6293840.js Show response
siteimproveanalytics.com/js/ 31 KB
10 KB 40ms
14ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6293840.js
Requested by: Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 578fa8c67b99fd92627e301f565036f74afecee0b7db6f4c0397b2121af5b1d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: B3E5TXF8M1W0RPEM
age: 851
alt-svc: h3=":443"; ma=86400
content-length: 9974
x-amz-id-2: LtI9ivO+vERxuIuuJyEg6pOI/f4fmPkttblrBxROs7JthofFOdo7f6J1bVWD5paBm2x4GFbqW0Y=
last-modified: Thu, 14 Mar 2024 16:14:40 GMT
server: cloudflare
etag: "510b6c03359d9ba29e931dfdfe1fc634"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vLVJgeeNcV8IXGrq%2BG%2Bik4y6zDLtZkmappKfoMxMvdmBt%2BtxKVgvoj%2FyMHRSZ5oiGw8IBy2ykYOP3HTdYMcY%2FIFoX0DpF9EZOP4xW%2B44YgCLqQ1awO1Wk6cxToC23t0i50aiyhbzHI5NBqoTyvjVwDHq0AUGMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8658a75d3f35903c-FRA

GET
H2 200 ckd8nmv.css
use.typekit.net/ 6 KB
1 KB 71ms
19ms Stylesheet
text/css 2a02:26f0:7100::1720:ef23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ckd8nmv.css

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100::1720:ef23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d0d23c9b6a75ef966da7b930332589cbf763bcd6e480006e717ba473d6bc3151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 16 Mar 2024 23:51:53 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 924

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 46ms
8ms Stylesheet
text/css 2a02:26f0:7100::1720:ef43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ckd8nmv&ht=tk&f=139.140.175.176.5474.5475.15760.22737&a=108798096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ckd8nmv.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::1720:ef43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf9793f4973743ff3775f7014a51f60bd88a1e3df7dbaa2321fd0b2acd1303cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 299 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30a5b70fdbfe701110330dd55c7734966988740323c203d7c1a920c4c492b717

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 feed.svg
www.gundersenhealth.org/core/misc/ 462 B
495 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/core/misc/feed.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be2c33eeea9e761795209e52fa6624ba7871bbc87a7d7e10b0a689e11c209790

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 153
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
strict-transport-security: max-age=15552000
age: 283805
x-cache: HIT
x-ah-environment: prod
x-request-id: v-60bf8702-de00-11ee-8cd4-5745c3585f56
last-modified: Thu, 07 Mar 2024 16:55:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=1209600
cf-ray: 8658a75d78843a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 ibm-plex-sans-v19-latin-700.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ 19 KB
19 KB 18ms
18ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ibm-plex-sans-v19-latin-700.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7177b7b3d4fead439025573990c0ec13dfbd5a9cb4421c99f289c8adeedd35ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 290
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 241569
x-cache: HIT
x-ah-environment: prod
content-length: 19440
x-request-id: v-a433f56e-ddfa-11ee-a7b6-4f7c5ae1d73f
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75d78833a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 libre-franklin-v14-latin-500.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/ 15 KB
15 KB 24ms
23ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/libre-franklin-v14-latin-500.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7716c79a8710c35591a59de7eb1efdd2bd1df2d0d9f059265bf79fef21a025cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 256
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275422
x-cache: HIT
x-ah-environment: prod
content-length: 15332
x-request-id: v-613adce0-de00-11ee-a334-6f2b3e530f1d
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75d78853a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 ibm-plex-sans-v19-latin-regular.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ 19 KB
19 KB 22ms
22ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ibm-plex-sans-v19-latin-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33fad484f36be3964dc66a3ded5efc5d0b35b36b9202d1763364dee6a1836143

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 243
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 279691
x-cache: HIT
x-ah-environment: prod
content-length: 19156
x-request-id: v-32e2e808-ddfe-11ee-9182-3bb5094eb388
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75d78863a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 libre-franklin-v14-latin-600.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/ 15 KB
15 KB 19ms
19ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/libre-franklin-v14-latin-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da9ac5503e1411eb8d1329882c74a0687864e9e00bd4a7307a9dd6ccf96ccdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 244
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275422
x-cache: HIT
x-ah-environment: prod
content-length: 15368
x-request-id: v-32e07da2-ddfe-11ee-b7aa-8b7b1c9d8bcf
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75d78883a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 Colleen-McCurry-MD-with-pediatric-patient-and-her-teddy-bear.png.webp
www.gundersenhealth.org/sites/default/files/styles/card_medium_4_3_600_450/public/acquiadam/2023-09/ 16 KB
16 KB 20ms
20ms Image
image/png 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/card_medium_4_3_600_450/public/acquiadam/2023-09/Colleen-McCurry-MD-with-pediatric-patient-and-her-teddy-bear.png.webp?itok=BmxqL7yn

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2151de047611907b4490bd96ce130948e86ed17ea2acb9ed3d48c665495e903c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 112
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275007
x-cache: HIT
x-ah-environment: prod
content-length: 16030
x-request-id: v-70db90e8-de20-11ee-b938-e32ae0c6aa82
last-modified: Fri, 29 Sep 2023 12:26:37 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75d88953a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
4 KB 43ms
19ms Script
application/javascript 2606:4700:20::ac43:45ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/sites/default/files/js/js_rBoV20RkPqCcoruPmno7s7GDiQlaoISsRekA2BPKt_Q.js?scope=header&delta=0&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db4f2b9fc29875847e047ac95c45f345f09989f7b5d82b733051df20c1c27f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2024 10:00:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 280314
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mk5%2BW9o%2BiP1YWIqVce1bhzB1bnkbCG8UD8l8e5gMti%2B7fR0%2FXPe9eXCtaiDX9Ca2%2FPmmUbZ7e3AWDjvBf8%2FQW3mGN%2BrMb5FVtFhEJql9YcL3AwPaBg0948%2BugaIrO3is5tMJy6MLU%2FklanhHpMXTqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 8658a75deebe0404-FRA
expires: Thu, 14 Mar 2024 17:59:59 GMT

GET
H2 200 load Show response
www.gundersenhealth.org/sitewide_alert/ 21 B
472 B 112ms
112ms Fetch
application/json 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/sitewide_alert/load

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/sites/default/files/js/js_0yHcOWup1yVS0uDLvqZk8c9ekDM0CHkh2xx-om6JpSI.js?scope=footer&delta=0&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55

Security Headers

Name	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	report-uri /report-csp-violation
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sun, 17 Mar 2024 03:51:53 GMT
date: Sat, 16 Mar 2024 23:51:53 GMT
content-security-policy: report-uri /report-csp-violation
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: EXPIRED
via: varnish
x-cache: HIT
x-drupal-dynamic-cache: MISS
x-content-security-policy: report-uri /report-csp-violation
x-ah-environment: prod
content-length: 41
x-xss-protection: 1; mode=block
x-request-id: v-225bb800-e3f0-11ee-9c28-cbb6573c1bf7
last-modified: Sat, 16 Mar 2024 23:41:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: X-Geo-Country,Accept-Encoding
content-language: en
content-type: application/json
x-generator: Drupal 10 (https://www.drupal.org)
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8658a75dc8c53a9c-FRA
x-drupal-cache: HIT
x-cache-hits: 1

GET
H2

200

main.js Show response
www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 43C9
Redirect Chain

https://www.gundersenhealth.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

8 KB
4 KB

13ms
13ms

Script
application/javascript

2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324b22423deab7dc8d08dc0aa9bf8a7b26c5751982c8d5bf68ef9483af5e88e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8658a75e08f73a9c-FRA

Redirect headers

date: Sat, 16 Mar 2024 23:51:53 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8658a75dd8d03a9c-FRA
content-length: 0

GET
H2 200 s.js Show response
www.gundersenhealth.org/cdn-cgi/zaraz/ 5 KB
3 KB 28ms
28ms Script
text/javascript 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyR3VuZGVyc2VuJTIwSGVhbHRoJTIwU3lzdGVtJTIwSG9zcGl0YWxzJTIwJTI2JTIwQ2xpbmljcyUyMEklMjBHdW5kZXJzZW4lMjIlMkMlMjJ4JTIyJTNBMC4yODU2Njc1MzcwNjI3NDg2JTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZ3d3cuZ3VuZGVyc2VuaGVhbHRoLm9yZyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBLTYwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0664f20b0c33019ba2985d960e32a52816fc8124555cc4621872b4686b36b3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.gundersenhealth.org
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
x-robots-tag: none
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
cf-ray: 8658a75dd8d23a9c-FRA

GET
H2 200 gundersen-main-campus-exterior.jpg.webp
www.gundersenhealth.org/sites/default/files/styles/full_width_banner_16_9_1920_1080/public/2022-04/ 262 KB
263 KB 19ms
19ms Image
image/jpeg 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gundersenhealth.org/sites/default/files/styles/full_width_banner_16_9_1920_1080/public/2022-04/gundersen-main-campus-exterior.jpg.webp?itok=m5osWeQI

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72deb27016c7a1371d39615f96db79001fab6e7bd4ba0f39543064dae133662a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 112
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275003
x-cache: HIT
x-ah-environment: prod
content-length: 268458
x-request-id: v-7ec393be-de29-11ee-af75-ebe7fcc0cd3e
cf-bgj: h2pri
last-modified: Thu, 01 Sep 2022 16:31:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75dd8d73a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 libre-franklin-v14-latin-700.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/ 15 KB
15 KB 26ms
25ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/libre-franklin-v14-latin-700.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68c327d01f06745ad151370e991a33d8b5b3b1f68655b4d4a7bc545529a59d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 251
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275422
x-cache: HIT
x-ah-environment: prod
content-length: 15372
x-request-id: v-60d746bc-de00-11ee-b2a4-6ff172bde0c4
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75dd8da3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 libre-franklin-v14-latin-regular.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/ 15 KB
15 KB 23ms
23ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/libre-franklin/libre-franklin-v14-latin-regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8674214bc94c1a684fa106869375fff529027ef48afc18ef596258e9fd6a4c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 228
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 284766
x-cache: HIT
x-ah-environment: prod
content-length: 15348
x-request-id: v-fd917d94-ddfe-11ee-bec1-ff97993dc6be
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75dd8db3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 ibm-plex-sans-v19-latin-600.woff2
www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ 20 KB
20 KB 23ms
23ms Font
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/themes/custom/outline_frontend/assets/fonts/ibm-plex-sans/ibm-plex-sans-v19-latin-600.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3d33e41cb646c20d15a80c2fa42689189d114e3e78a3e77b6e8c002b900070e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gundersenhealth.org/sites/default/files/css/css_0TaMsE4Zz71VCSTfQw7XXnHychYc0EYt6NX8WTGEtFM.css?delta=1&language=en&theme=outline_frontend&include=eJx1kGFuBCEIhS9k1yMZVOqwi2JB00xPX9OZ7rRp-gv4CLwHcfo4b2nD9EB1GY1KC7bbwOohV2phiHAEDZSkubMTwdAlUfRNtALTxyoZVHwCze7n_MkLSwR-sbEzteJkjhUxvKq0gS37Q_kvr0AX_W2vYpvPFsO-UjucdVAoCn0zn3V24NtFbrP1GZlsw-weu85pwRA0bf4IrmxPcqWhQ1kP-rqZljVta-v9baLuYdLBv7VUiqLZAQfECJHPd7FAvps7d0KnAHNIktoZB_p_uDMa-E4ZAzDqWAZofAJAva1m
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-cache-hits: 227
date: Sat, 16 Mar 2024 23:51:53 GMT
via: varnish
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000
age: 275421
x-cache: HIT
x-ah-environment: prod
content-length: 20356
x-request-id: v-60cf8864-de00-11ee-823f-771c080a6b21
last-modified: Thu, 07 Mar 2024 16:56:01 GMT
server: cloudflare
vary: Accept-Encoding
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 8658a75dd8dd3a9c-FRA
expires: Sat, 30 Mar 2024 23:51:53 GMT

GET
H2 200 image.aspx
6293840.global.r2.siteimproveanalytics.io/ 34 B
149 B 72ms
9ms Image
image/gif 18.192.233.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6293840.global.r2.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.gundersenhealth.org%2F&title=Gundersen%20Health%20System%20Hospitals%20%26%20Clinics%20I%20Gundersen&res=1600x1200&accountid=6293840&rt=368&prev=78bf1d18-2496-381a-0bd7-d26fd424f581&luid=b96c77e9-0448-5943-37a7-755e56bb363d&rnd=39495
Requested by: Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.233.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-233-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 16 Mar 2024 23:51:53 GMT
cache-control: max-age=0
content-length: 34
expires: Sat, 16 Mar 2024 23:51:53 UTC

POST
H2 200 8658a75c1f973a9c Show response
www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 43C9 0
325 B 27ms
27ms XHR
text/plain 2606:4700::6812:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gundersenhealth.org/cdn-cgi/challenge-platform/h/b/jsd/r/8658a75c1f973a9c

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ef9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
cf-ray: 8658a75ea95c3a9c-FRA
content-type: text/plain; charset=UTF-8

GET
H2 200 nr-rum-1.253.0.min.js Show response
js-agent.newrelic.com/ 45 KB
16 KB 48ms
13ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.253.0.min.js

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.gundersenhealth.org/
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: TgvqgvoYAHsERQ1.OBrfuMt0ieYpGWt5
content-encoding: br
via: 1.1 varnish
date: Sat, 16 Mar 2024 23:51:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: W45R3GKPKPM0T13J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15820
x-amz-id-2: FSCD2Utu+0jhM/NsfdGbD/2noM0uy8GGLPH6nv0J+OEhpouxzaQkcBtH7tFBILfynLs6CqeEKfo=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Wed, 13 Mar 2024 21:07:25 GMT
server: AmazonS3
etag: "25a03a86ccddb342618e06f726d40778"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 54030

GET
H/1.1 200
OK gyant-embed.js Show response
web2.production.gyantts.com/ 1 MB
371 KB 313ms
96ms Script
application/javascript 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/gyant-embed.js

Requested by

Host: www.gundersenhealth.org
URL: https://www.gundersenhealth.org/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

5d31bf7b9befdd1a644ecf7a180de8466ba528c4dcaee7ee82668b6d5c5b4090

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' cdn.jsdelivr.net .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' cdn.jsdelivr.net *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Transfer-Encoding: chunked
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 11 Mar 2024 16:50:05 GMT
ETag: W/"65ef363d-14b7ac"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

POST
H/1.1 200 NRJS-ab8e52baec8695a0f79 Show response
bam.nr-data.net/1/ 48 B
510 B 586ms
551ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-ab8e52baec8695a0f79?a=1009099666,1044306738&v=1.253.0&to=Y1UAYxZUXhcAUBYMW1ofIUIXQV8JTlYMEV1ASUxZC1FVSgJSDApaXVMDW15FUQME&rst=527&ck=0&s=2772036aeb50d872&ref=https://www.gundersenhealth.org/&hr=0&qt=28&ap=501&be=109&fe=362&dc=232&at=TxIDFV5OTRk%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1710633112910,%22n%22:0,%22f%22:50,%22dn%22:51,%22dne%22:51,%22c%22:51,%22s%22:57,%22ce%22:68,%22rq%22:68,%22rp%22:109,%22rpe%22:112,%22di%22:292,%22ds%22:327,%22de%22:341,%22dc%22:470,%22l%22:470,%22le%22:471%7D,%22navigation%22:%7B%7D%7D&fp=294&fcp=368
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.253.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df

Request headers

Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 16 Mar 2024 23:51:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.gundersenhealth.org
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://www.gundersenhealth.org
Content-Length: 48
x-served-by: cache-fra-etou8220052-FRA

GET
H/1.1 200
OK gnd-fd Show response
web2.production.gyantts.com/api/getConfig/ 5 KB
3 KB 283ms
97ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/getConfig/gnd-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

c8b335169489d4b10413d9b59b55d955d02e39e582eeeb8d83a7f27c32ba153d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:54 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gnd-fd Show response
web2.production.gyantts.com/api/ui-components/call-to-action-button/get-config/ 2 B
1 KB 97ms
96ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/call-to-action-button/get-config/gnd-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:55 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gnd-fd Show response
web2.production.gyantts.com/api/ui-components/collapsed-widget/get-config/en_US/ 603 B
2 KB 203ms
106ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/collapsed-widget/get-config/en_US/gnd-fd?path=/

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

9c01ae5bdf6636ad3ee031b57a7986551024807271da5d865d06f8c48124d31f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:55 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
Content-Encoding: gzip
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-DNS-Prefetch-Control: off
Connection: keep-alive
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"25b-zwotoAAIBqBcnOHRTnMImJ1F8YY"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gnd-fd Show response
web2.production.gyantts.com/api/ui-components/dismiss-button/get-config/ 44 B
1 KB 279ms
96ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/dismiss-button/get-config/gnd-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

8e33235145960548796537ebb9c51c1602014797fc9b8c7aec88e377d7ee8fb2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:55 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 44
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2c-HaQabKMoFhW/F/gOjLrohOKH9qk"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK gnd-fd Show response
web2.production.gyantts.com/api/ui-components/minimize-button/get-config/ 2 B
1 KB 283ms
98ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/ui-components/minimize-button/get-config/gnd-fd

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:55 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK chat-image.svg
s3.amazonaws.com/assets.gyant.com/widget/client/gnd-fd/ 5 KB
6 KB 309ms
113ms Image
image/svg+xml 52.216.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.gyant.com/widget/client/gnd-fd/chat-image.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.216.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ec3b138926593cc079f94e9d7a92080b1c47b7061468564a9e786b75fb5a21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gundersenhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:56 GMT
Last-Modified: Fri, 02 Oct 2020 19:14:07 GMT
Server: AmazonS3
x-amz-request-id: KY5TY9BYJVZDRA9D
ETag: "0c90ad5d04f2c4b1a46342f6dfaaf83b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5314
x-amz-id-2: D74WZDR7iWTm33+OrZcG4wljutP6q0+cL3Vf7BgkaB/DD3k3wLjVyndPtcfWMzinQN7vjnlJoGg=

GET
H/1.1 200
OK fonts.css
s3.amazonaws.com/assets.gyant.com/fonts/ Frame 3C1D 39 KB
39 KB 288ms
111ms Stylesheet
text/css 52.216.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Requested by: Host: client
URL: about:client
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.216.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b0b24151bff0d2688cdb4f3658018f0e3d6e332b361e1ef86319c547e1b08aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:56 GMT
Last-Modified: Mon, 30 Oct 2023 14:23:28 GMT
Server: AmazonS3
x-amz-request-id: KY5TTE1HPTC6Y5G3
ETag: "6dd610a4985702e71d87ed4523d3bc28"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 39598
x-amz-id-2: 2MKWVUWpmpLrXhT7ULC+uHTRg5S4KLJxNNOVEVBuTpKcMntfVg5A8qX4AP8f5GImIl6W0/QIO5g=

GET
H/1.1 200
OK avatar-gnd-fd.svg
s3.amazonaws.com/assets.gyant.com/widget/client/gnd-fd/ Frame 3C1D 5 KB
6 KB 287ms
104ms Image
image/svg+xml 52.216.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.gyant.com/widget/client/gnd-fd/avatar-gnd-fd.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.216.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5ec3b138926593cc079f94e9d7a92080b1c47b7061468564a9e786b75fb5a21f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:56 GMT
Last-Modified: Fri, 02 Oct 2020 16:12:06 GMT
Server: AmazonS3
x-amz-request-id: KY5HSHRD2D1GXKZT
ETag: "0c90ad5d04f2c4b1a46342f6dfaaf83b"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5314
x-amz-id-2: eslceVcmCgZqqEhmCEraGSUwwEtj224F9+53GbBFevzVHuOXuqmE+CEfYZ+rv7rnOKLrVhGRZZI=

OPTIONS
H/1.1 204
No Content event-anonymous
web2.production.gyantts.com/api/ Frame 0
0 92ms
92ms Preflight 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/event-anonymous

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gundersenhealth.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Date: Sat, 16 Mar 2024 23:51:55 GMT
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK event-anonymous Show response
web2.production.gyantts.com/api/ 13 B
1 KB 110ms
110ms XHR
application/json 50.16.126.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://web2.production.gyantts.com/api/event-anonymous

Requested by

Host: web2.production.gyantts.com
URL: https://web2.production.gyantts.com/gyant-embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

50.16.126.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-16-126-230.compute-1.amazonaws.com

Software

Resource Hash

aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .gyant.com .gyantts.com; connect-src 'self' ;script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' .amazonaws.com .gyant.com .gyantts.com .bootstrapcdn.com .cloudflare.com .googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' .gstatic.com .amazonaws.com .gyant.com .gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.gundersenhealth.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 16 Mar 2024 23:51:55 GMT
Content-Security-Policy: default-src 'self' *.gyant.com *.gyantts.com; connect-src 'self' *;script-src 'self' * 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.amazonaws.com *.gyant.com *.gyantts.com *.bootstrapcdn.com *.cloudflare.com *.googleapis.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' *.gstatic.com *.amazonaws.com *.gyant.com *.gyantts.com; img-src 'self' * data:;media-src 'self' https://assets.gyant.com;frame-src 'self' * mailto: tel:;base-uri 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=5184000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 13
X-Xss-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
ETag: W/"d-tmlXfosdqikrv1KGglx6BWCx0JQ"
Expect-CT: max-age=0
X-Download-Options: noopen
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK public-sans-v7-latin-700.woff2
s3.amazonaws.com/assets.gyant.com/fonts/public-sans/ Frame 3C1D 13 KB
14 KB 304ms
121ms Font
binary/octet-stream 52.216.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.gyant.com/fonts/public-sans/public-sans-v7-latin-700.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.216.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fdd57bfbd36b7086485d98de772deed368f99705ec79c225212965da4f1f4346

Request headers

Referer: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:56 GMT
Last-Modified: Wed, 02 Nov 2022 21:26:41 GMT
Server: AmazonS3
x-amz-request-id: KY5R1Y6VBENEYTXN
ETag: "40668bfbe746240c123da93e591a147f"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods
Accept-Ranges: bytes
Content-Length: 13388
x-amz-id-2: wYb5/7mm/iZcNqp84mYodoOnGIHzlq4I+DfG+Fxrt12Sdb+/3DWKSiStseN1mByvjkQFbWZjz4o=

GET
H/1.1 200
OK public-sans-v7-latin-regular.woff2
s3.amazonaws.com/assets.gyant.com/fonts/public-sans/ Frame 3C1D 13 KB
14 KB 293ms
110ms Font
binary/octet-stream 52.216.216.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.gyant.com/fonts/public-sans/public-sans-v7-latin-regular.woff2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.216.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 18b4d1a090369771133991ae290cbd76b7aeb0abb500a19d38f3ef8737961a0c

Request headers

Referer: https://s3.amazonaws.com/assets.gyant.com/fonts/fonts.css
Origin: https://www.gundersenhealth.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Sat, 16 Mar 2024 23:51:56 GMT
Last-Modified: Wed, 02 Nov 2022 21:26:42 GMT
Server: AmazonS3
x-amz-request-id: KY5HD2KHHH62S22B
ETag: "74eb6cd27782974b16fbab7d95ced297"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Methods
Accept-Ranges: bytes
Content-Length: 13288
x-amz-id-2: RvTSjqpN67aw8SgTNupAb2tX//o5OyVUf4X4PqbLL5czsb8bp8qL3BC6xUaG9Wd99281EQIMvbo=

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gundersenhealth.org/	1970-01-20 19:10:34	Name: __cf_bm Value: 5dD3FWSn8P.uZf1QIrTj7Ap6f7Qrje1qgwU0NshrQi8-1710633113-1.0.1.1-Me3TvoNt2IQbpZVxQUZ29X4GRFc6t7FVoDuRQVZwzvYfW5yUdfeNuYWsmLGV8G8WhuGgtLe9cFkBpcs98AF.Og
.gundersenhealth.org/	1970-01-21 04:46:33	Name: nmstat Value: 78bf1d18-2496-381a-0bd7-d26fd424f581
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__engagementDuration Value: 0
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__engagementStart Value: 1710633113261
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__counter Value: 1
.gundersenhealth.org/	1970-01-20 19:10:34	Name: google-analytics_v4_DYHq__ga4sid Value: 285981862
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__session_counter Value: 1
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__ga4 Value: 1a100591-38a3-4afc-87c1-1d9c73064ce1
.gundersenhealth.org/	1970-01-21 04:46:33	Name: google-analytics_v4_DYHq__let Value: 1710633113261
.gundersenhealth.org/	1970-01-21 03:56:09	Name: cf_clearance Value: GW4sz3Zz9Cw3h3LxePNMA7_GxDlqcfRyxDnvBXqVbvM-1710633113-1.0.1.1-eAx3t.hLgHDWi5.QiykiKpAyDDzJSHII3aakTmoR_h2NrLMlIdwF9obyjgCp2AXEn6IZAf25oJIaQXnG29cdXw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	report-uri /report-csp-violation
Strict-Transport-Security	max-age=15552000
X-Content-Security-Policy	report-uri /report-csp-violation
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6293840.global.r2.siteimproveanalytics.io
bam.nr-data.net
browser-update.org
js-agent.newrelic.com
p.typekit.net
s3.amazonaws.com
siteimproveanalytics.com
use.typekit.net
web2.production.gyantts.com
www.gundersenhealth.org
162.247.243.29
18.192.233.173
2606:4700:20::ac43:45ce
2606:4700::6812:ef9
2606:4700::6812:ff9
2a02:26f0:7100::1720:ef23
2a02:26f0:7100::1720:ef43
2a04:4e42:200::649
2a06:98c1:3120::3
50.16.126.230
52.216.216.168
0664f20b0c33019ba2985d960e32a52816fc8124555cc4621872b4686b36b3da
14121d1a0777e9e328ef65cc1cc4d1bd1ace27b943954eb83dde1c1474d02aea
17a1f9924968de5e857a782914d0dc09daa5b8c878f82761284d38baf74fd996
18b4d1a090369771133991ae290cbd76b7aeb0abb500a19d38f3ef8737961a0c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2151de047611907b4490bd96ce130948e86ed17ea2acb9ed3d48c665495e903c
241a4c930a7bd2bb1ed629cd4865bdaa1ea3ba7e23e41fd6e2b2c7405e81d477
30a5b70fdbfe701110330dd55c7734966988740323c203d7c1a920c4c492b717
324b22423deab7dc8d08dc0aa9bf8a7b26c5751982c8d5bf68ef9483af5e88e1
33fad484f36be3964dc66a3ded5efc5d0b35b36b9202d1763364dee6a1836143
41338ccb4393698b45700f0fef008a608a3da811420417007655dab6a1bd6c0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bfcda553bfa1259b720e6ac5fbe6a93cc196c16da89fc7f9fab5051ffbc5de
4cb8f16cc3a7a6e989e07694071e14a15319bdec083376a419d569d4ef98bf1c
51365348552d14aff7ca80265ee1162d383a1477559e22ea4909c8f8f44f3545
578fa8c67b99fd92627e301f565036f74afecee0b7db6f4c0397b2121af5b1d2
5d31bf7b9befdd1a644ecf7a180de8466ba528c4dcaee7ee82668b6d5c5b4090
5ec3b138926593cc079f94e9d7a92080b1c47b7061468564a9e786b75fb5a21f
6d7aa6bb298937661d993695e32a86a9c891b3cb77e46cda3831bc8ca616c55c
7177b7b3d4fead439025573990c0ec13dfbd5a9cb4421c99f289c8adeedd35ef
72deb27016c7a1371d39615f96db79001fab6e7bd4ba0f39543064dae133662a
7716c79a8710c35591a59de7eb1efdd2bd1df2d0d9f059265bf79fef21a025cc
8674214bc94c1a684fa106869375fff529027ef48afc18ef596258e9fd6a4c83
884be02526ba926246005e45c6fd619fb4e0b53265d5d82db187a35a98690d55
8bb3c5adbbdf2f72f7dbca8d8467fef1db700dbcadfd63dcc1433e3f174ea99d
8e33235145960548796537ebb9c51c1602014797fc9b8c7aec88e377d7ee8fb2
9c01ae5bdf6636ad3ee031b57a7986551024807271da5d865d06f8c48124d31f
aa3d21398252adb9f16b5208884b4da22eec9f2019a0139b114a61f178396794
b0b24151bff0d2688cdb4f3658018f0e3d6e332b361e1ef86319c547e1b08aa8
b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df
be2c33eeea9e761795209e52fa6624ba7871bbc87a7d7e10b0a689e11c209790
c8b335169489d4b10413d9b59b55d955d02e39e582eeeb8d83a7f27c32ba153d
cf9793f4973743ff3775f7014a51f60bd88a1e3df7dbaa2321fd0b2acd1303cf
d0d23c9b6a75ef966da7b930332589cbf763bcd6e480006e717ba473d6bc3151
da9ac5503e1411eb8d1329882c74a0687864e9e00bd4a7307a9dd6ccf96ccdef
db4f2b9fc29875847e047ac95c45f345f09989f7b5d82b733051df20c1c27f36
dd1e821c5f34b9d6b523b35da0ef47b833354317097e1b5fb219bd035287c1e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68c327d01f06745ad151370e991a33d8b5b3b1f68655b4d4a7bc545529a59d9
f1979d29f23c475575b9e29dab554df939d3207da103275b7ed46d1daf942903
f3d33e41cb646c20d15a80c2fa42689189d114e3e78a3e77b6e8c002b900070e
fdd57bfbd36b7086485d98de772deed368f99705ec79c225212965da4f1f4346

www.gundersenhealth.org Open in urlscan Pro 2606:4700::6812:ef9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

44 Requests

98 %HTTPS

64 %IPv6

9 Domains

10 Subdomains

11 IPs

2 Countries

1448 kBTransfer

4642 kBSize

10 Cookies

8 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gundersenhealth.org Open in urlscan Pro
2606:4700::6812:ef9 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

64 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

1448 kB
Transfer

4642 kB
Size

10
Cookies

44 HTTP transactions
2 data transactions