gme.providence.org Open in urlscan Pro
64.70.194.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gme.providence.org/request-form/
Submission: On October 08 via manual (October 8th 2020, 3:17:26 pm UTC) from IN

Summary HTTP 58 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 58 HTTP transactions. The main IP is 64.70.194.121, located in United States and belongs to AFFINITY-FTL, US. The main domain is gme.providence.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 28th 2020. Valid for: 3 months.

This is the only time gme.providence.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	64.70.194.121 64.70.194.121	3064 (AFFINITY-FTL) (AFFINITY-FTL)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	64.70.194.112 64.70.194.112	32400 (HWSERVICE...) (HWSERVICES-32400)
1	64.70.194.202 64.70.194.202	32400 (HWSERVICE...) (HWSERVICES-32400)
6	104.111.215.136 104.111.215.136	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
1	52.219.116.104 52.219.116.104	16509 (AMAZON-02) (AMAZON-02)
2	143.204.94.27 143.204.94.27	16509 (AMAZON-02) (AMAZON-02)
1	54.85.26.63 54.85.26.63	14618 (AMAZON-AES) (AMAZON-AES)
2	40.76.202.94 40.76.202.94	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.16.109.72 52.16.109.72	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.243.46 99.86.243.46	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	52.84.116.88 52.84.116.88	16509 (AMAZON-02) (AMAZON-02)
1	95.100.78.166 95.100.78.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	142.0.160.53 142.0.160.53	7160 (NETDYNAMICS) (NETDYNAMICS)
1	142.0.160.57 142.0.160.57	7160 (NETDYNAMICS) (NETDYNAMICS)
1	107.23.40.26 107.23.40.26	14618 (AMAZON-AES) (AMAZON-AES)
58	26

19 64.70.194.121 (United States)

ASN3064 (AFFINITY-FTL, US)

gme.providence.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.70.194.112 (United States)

ASN32400 (HWSERVICES-32400, US)
PTR: hhschool.com

www.scorpioncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.70.194.202 (United States)

ASN32400 (HWSERVICES-32400, US)

sa.scorpiondesign.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.215.136 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-136.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.116.104 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1.amazonaws.com

s3-us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.94.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tealium.wheelhousedmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.26.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-26-63.compute-1.amazonaws.com

pc-providence-collect.tealiumiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.76.202.94 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

phc.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.109.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-109-72.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.243.46 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-46.vie50.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.116.88 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-116-88.sof50.r.cloudfront.net

d22xmn10vbouk4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.78.166 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-78-166.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.160.53 (Ashburn, United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

s1129361478.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.160.57 (Ashburn, United States)

ASN7160 (NETDYNAMICS, US)
PTR: mail01.academic.hbsp.harvard.edu

tracker.providence.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.40.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pnapi.invoca.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	providence.org gme.providence.org tracker.providence.org	336 KB
6	tiqcdn.com tags.tiqcdn.com	48 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	gstatic.com fonts.gstatic.com	40 KB
2	eloqua.com 1 redirects s1129361478.t.eloqua.com	922 B
2	invocacdn.com solutions.invocacdn.com	62 KB
2	crazyegg.com script.crazyegg.com	36 KB
2	piwik.pro phc.piwik.pro	22 KB
2	wheelhousedmg.com tealium.wheelhousedmg.com	574 B
2	facebook.com www.facebook.com	362 B
2	facebook.net connect.facebook.net	91 KB
1	invoca.net pnapi.invoca.net	232 B
1	en25.com img.en25.com	3 KB
1	cloudfront.net d22xmn10vbouk4.cloudfront.net	20 KB
1	google.de ampcid.google.de	495 B
1	ytimg.com s.ytimg.com	37 KB
1	google.com ampcid.google.com	566 B
1	usabilla.com w.usabilla.com	91 B
1	tealiumiq.com pc-providence-collect.tealiumiq.com	757 B
1	amazonaws.com s3-us-west-1.amazonaws.com
1	youtube.com www.youtube.com	1 KB
1	scorpiondesign.com sa.scorpiondesign.com	552 B
1	scorpioncms.com www.scorpioncms.com	1 KB
1	googleapis.com fonts.googleapis.com	965 B
58	24

	Domain	Requested by
19	gme.providence.org	gme.providence.org
6	tags.tiqcdn.com	gme.providence.org tags.tiqcdn.com
3	www.google-analytics.com	tags.tiqcdn.com www.google-analytics.com gme.providence.org
3	fonts.gstatic.com	fonts.googleapis.com
2	s1129361478.t.eloqua.com	1 redirects img.en25.com
2	solutions.invocacdn.com	tags.tiqcdn.com solutions.invocacdn.com
2	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
2	phc.piwik.pro	tags.tiqcdn.com gme.providence.org
2	tealium.wheelhousedmg.com	tags.tiqcdn.com
2	www.facebook.com	gme.providence.org
2	connect.facebook.net	gme.providence.org connect.facebook.net
1	pnapi.invoca.net	solutions.invocacdn.com
1	tracker.providence.org	gme.providence.org
1	img.en25.com	tags.tiqcdn.com
1	d22xmn10vbouk4.cloudfront.net	tags.tiqcdn.com
1	ampcid.google.de	www.google-analytics.com
1	s.ytimg.com	www.youtube.com
1	ampcid.google.com	www.google-analytics.com
1	w.usabilla.com	gme.providence.org
1	pc-providence-collect.tealiumiq.com	tags.tiqcdn.com
1	s3-us-west-1.amazonaws.com	gme.providence.org
1	www.youtube.com	tags.tiqcdn.com
1	sa.scorpiondesign.com	gme.providence.org
1	www.scorpioncms.com	gme.providence.org
1	fonts.googleapis.com	gme.providence.org
58	25

This site contains links to these domains. Also see Links.

Domain
www.providence.org
www.collaboratingforbetterhealthcare.com
www.psjhealth.org
psjhealth.jobs
psdrecruit.org
psjhcrmwebsites.microsoftcrmportals.com
blog.providence.org
www.facebook.com
www.twitter.com
www.linkedin.com
www.instagram.com
maps.google.com
www.scorpion.co

Subject Issuer	Validity	Valid
gme.providence.org Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
scorpioncms.com Let's Encrypt Authority X3	`2020-09-15` - `2020-12-14`	3 months	crt.sh
*.scorpiondesign.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-04` - `2022-03-11`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.s3-us-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	a year	crt.sh
*.tealiumiq.com Amazon	`2020-02-26` - `2021-03-26`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2020-05-11` - `2021-02-13`	9 months	crt.sh
tealium.wheelhousedmg.com Amazon	`2020-04-02` - `2021-05-02`	a year	crt.sh
w.usabilla.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
invocacdn.com Amazon	`2020-01-21` - `2021-02-21`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2020-08-13` - `2021-11-12`	a year	crt.sh
tracker.providence.org GlobalSign RSA OV SSL CA 2018	`2020-09-11` - `2021-10-13`	a year	crt.sh
*.invoca.net Go Daddy Secure Certificate Authority - G2	`2018-08-08` - `2020-10-30`	2 years	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://gme.providence.org/request-form/
Frame ID: D4DCD6B8D0DC5DB2726EC01586790319
Requests: 56 HTTP requests in this frame

Frame: https://w.usabilla.com/177a021a3b1f.js?lv=1
Frame ID: 2ACB2473F1A87311BE6466033C08C917
Requests: 1 HTTP requests in this frame

Frame: https://tags.tiqcdn.com/utag/providence/cookie-sync/prod/mobile.html
Frame ID: 6F88496C7FC9EBFE7BD2214246781BCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

58
Requests

100 %
HTTPS

40 %
IPv6

24
Domains

25
Subdomains

26
IPs

5
Countries

723 kB
Transfer

2143 kB
Size

17
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.providence.org/about
Title: Why Providence

Search URL Search Domain Scan URL

URL: https://www.collaboratingforbetterhealthcare.com/O.aspx?s=15&_m=40b9685c-24a2-4b30-9237-abbe0158fad5&_psc=1465c660-8696-4663-88ab-ab3b0171856f&t=0&_a=78028541-5b2c-46b5-be85-a6c1012ea4c4&_dspvw=d
Title: Help Us Improve Health Care

Search URL Search Domain Scan URL

URL: https://www.psjhealth.org/community-benefit?_ga=2.259776778.1427895263.1589747883-1504382824.1588005420&_elqguid=058FC6C2B4544652B3FC00256B58C63D&pk_vid=8c64be4a2d7249051589748962e7648b
Title: Community Benefit Report

Search URL Search Domain Scan URL

URL: https://www.psjhealth.org/community-benefit/community-health-needs-assessments?_ga=2.259776778.1427895263.1589747883-1504382824.1588005420&_elqguid=058FC6C2B4544652B3FC00256B58C63D&pk_vid=8c64be4a2d7249051589748963e7648b
Title: Community Health Needs Assessments and Improvement Plans

Search URL Search Domain Scan URL

URL: https://www.providence.org/doctors?region=%20providence
Title: Our Doctors

Search URL Search Domain Scan URL

URL: https://www.providence.org/for-employees
Title: For Caregivers (our employees)

Search URL Search Domain Scan URL

URL: https://psjhealth.jobs/
Title: Career Opportunities

Search URL Search Domain Scan URL

URL: https://psdrecruit.org/providence/
Title: Provider Jobs

Search URL Search Domain Scan URL

URL: https://psjhcrmwebsites.microsoftcrmportals.com/home/
Title: Classes and Events

Search URL Search Domain Scan URL

URL: https://www.providence.org/obp
Title: Online Bill Pay

Search URL Search Domain Scan URL

URL: https://blog.providence.org/
Title: Read Our Blog

Search URL Search Domain Scan URL

URL: https://www.providence.org/about/our-mission
Title: Learn more about our mission, vision and values

Search URL Search Domain Scan URL

URL: https://www.facebook.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.providence.org/utility-pages/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.providence.org/utility-pages/privacy-policy
Title: Terms of Use & Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.providence.org/utility-pages/nondiscrimination-statement
Title: Notice of Nondiscrimination and Accessibility Rights

Search URL Search Domain Scan URL

URL: https://www.providence.org/utility-pages/notice-of-privacy-practices
Title: Notice of Privacy Practices

Search URL Search Domain Scan URL

URL: https://maps.google.com/maps?f=q&hl=en&z=15&q=3345%20Michelson%20Drive,Irvine,CA,92612
Title: Map + Directions

Search URL Search Domain Scan URL

URL: https://www.scorpion.co/healthcare-marketing/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://s1129361478.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&firstPartyCookieDomain=tracker.providence.org HTTP 302
https://tracker.providence.org/visitor/v200/svrGP.aspx?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&elq1pcGUID=DB94BBE51E754E9C95353580045B2523

58 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
gme.providence.org/request-form/ 48 KB
18 KB 705ms
286ms Document
text/html 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

ad53a3b0148482c41e2c767fa2d4a03587fc97af56d96597f15df8d1edfefce2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: gme.providence.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: SEOT=#1; expires=Sat, 07-Nov-2020 08:00:00 GMT; path=/; secure T=!!; path=/; secure SEOV=#1; expires=Sat, 07-Nov-2020 08:00:00 GMT; path=/; secure TS01931d6b=0184cfe7a64b04b7328293a8b78243cb97425c9529158344f69e0fce7fe3c942a807819b60c284cdd68f9ff01a58619509ebb3afa93398ec7c7d8f1e37021d338989be0a6096988234ae70a87fad79cb601e82b879febefbbf418f19e9f7ca1d5e6c129a2c; Path=/
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Date: Thu, 08 Oct 2020 15:17:04 GMT
Content-Length: 17686

GET
H/1.1 200
OK z6o19jb35aq.2008271602549.css
gme.providence.org/cms/includes/ 169 KB
31 KB 294ms
180ms Stylesheet
text/css 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/includes/z6o19jb35aq.2008271602549.css

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

30d9d8a8c7e8d5eb3052f8d072fa2aea98d3e5309d09db4ef49cb15b7e936bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 27 Aug 2020 23:02:54 GMT
ETag: "77c9aa32c67cd61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:04 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 30509
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK qdyfq9a7l_t.2009081355427.js Show response
gme.providence.org/cms/includes/ 626 KB
224 KB 444ms
178ms Script
application/javascript 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

3060bfb49449f9da9023e55f9b973d2f0cb4934f246b87d8a7cacbb654bf3d70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 08 Sep 2020 20:55:42 GMT
Transfer-Encoding: chunked
ETag: "c5e3766a2286d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:04 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: NndRHBgi7lgt4qKqLfJyIWlKI4rr9Eht0aX3mq4z31c+GBeidihlDQdM0UMoAZTwWopME7DHPaZrA10rpw9eww==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 08 Oct 2020 15:17:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 731785827163912 Show response
connect.facebook.net/signals/config/ 234 KB
68 KB 61ms
61ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/731785827163912?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5c4d639508717af20002ecb5f408ddc82b27802aae76848c61aa9b4c2b75081a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: IZcXfWYUB5YAP/tTtWtThC86cBYLvbGHSVWI2iupZCyWgT10M8hui7AXaVP984gZ1NUeIGvdTSZW3e5nd8N84w==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 08 Oct 2020 15:17:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
261 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=731785827163912&ev=PageView&dl=https%3A%2F%2Fgme.providence.org%2Frequest-form%2F&rl=&if=false&ts=1602170224413&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602170224412.1720824832&it=1602170224325&coo=false&rqm=GET

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 08 Oct 2020 15:17:04 GMT

GET
H/1.1 200
OK xl8wm6me7vn.2009161156241.js Show response
gme.providence.org/cms/includes/ 32 KB
13 KB 290ms
147ms Script
application/javascript 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/includes/xl8wm6me7vn.2009161156241.js

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

59263ef147434d164b45f306a34885fd0754814d8f726fe9acf9a665c97135f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 18:56:24 GMT
ETag: "ec48ed125b8cd61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:04 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 12236
X-Content-Type-Options: nosniff

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
965 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b5101b240b5804bb417f80d559c93e6021b168774d1028a48b59efe917992816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Oct 2020 15:17:04 GMT
server: ESF
date: Thu, 08 Oct 2020 15:17:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 15:17:04 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gme.providence.org
Referer: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:28:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:51 GMT
server: sffe
age: 161287
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:28:57 GMT

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
14 KB 28ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gme.providence.org
Referer: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 161695
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:09 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 24ms
13ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gme.providence.org
Referer: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,600;0,700;1,400;1,600;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:20:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 161788
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:20:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=731785827163912&ev=Microdata&dl=https%3A%2F%2Fgme.providence.org%2Frequest-form%2F&rl=&if=false&ts=1602170224923&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Request%20Form%20%7C%20Providence%20Residency%22%2C%22meta%3Adescription%22%3A%22Request%20Form.%20When%20you%20choose%20a%20residency%20program%20at%20Providence%2C%20you%20become%20part%20of%20a%20comprehensive%20health%20care%20organization%20that%E2%80%99s%20steadfast%20in%20serving%20all.%20Learn%20more.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Providence%20Residency%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fgme.providence.org%2Fimages%2Fassets%2Flogo.png%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22Providence%20Residency%22%2C%22description%22%3A%22Providence%20Residency%20%26%20Fellowship%20Programs%22%2C%22url%22%3A%22https%3A%2F%2Fgme.providence.org%2F%22%2C%22image%22%3A%22%2Fimages%2Fassets%2Flogo.png%22%2C%22telephone%22%3A%22949-381-4775%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22streetAddress%22%3A%223345%20Michelson%20Drive%5Cn%5Ct%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%5Ct%5CtSuite%20100%5Cn%5Ct%5Ct%5Ct%5Ct%5Ct%5Cn%5Ct%5Ct%5Ct%5Ct%22%2C%22addressLocality%22%3A%22Irvine%22%2C%22addressRegion%22%3A%22CA%20%22%2C%22postalCode%22%3A%2292612%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FPostalAddress%22%7D%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FMedicalOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602170224412.1720824832&it=1602170224325&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 08 Oct 2020 15:17:04 GMT

GET
H/1.1 200
OK masked.js Show response
www.scorpioncms.com/common/js/m/ 821 B
1 KB 622ms
135ms Script
application/x-javascript 64.70.194.112
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL

https://www.scorpioncms.com/common/js/m/masked.js

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.112 , United States, ASN32400 (HWSERVICES-32400, US),

Reverse DNS

hhschool.com

Software

Resource Hash

3c18ea61d1c27eb4e4a2e429525eef024a1bdda8064d252203ea6a4eb4f2fbe7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 23 Oct 2019 22:16:21 GMT
ETag: 637074405811801832False
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Content-Length: 602
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:06 GMT

GET
H/1.1 200
OK facebook.png
gme.providence.org/images/assets/social-icons/ 1 KB
2 KB 143ms
141ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/images/assets/social-icons/facebook.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

fabe1fa243a8b690e64f950ba1f0b034a91430e1fa3fd4ff790c32ef4b327f66

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 22:56:32 GMT
ETag: "ed2c7d416722d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 1103
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK twitter.png
gme.providence.org/images/assets/social-icons/ 1 KB
2 KB 140ms
138ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/images/assets/social-icons/twitter.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

29338a5c6426e5dcc7337eaa9ed4e61db6d1f6f199c2513effdeaf68a0edf1ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 22:56:33 GMT
ETag: "744bb0416722d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 1281
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK linkedin.png
gme.providence.org/images/assets/social-icons/ 1 KB
2 KB 145ms
143ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/images/assets/social-icons/linkedin.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

1f045d5e0a2c3521720a636ebc3fcfdeedec49d980a7f86618d3715259c85099

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 22:56:33 GMT
ETag: "bc45a0416722d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 1144
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK instagram.png
gme.providence.org/images/assets/social-icons/ 1 KB
2 KB 140ms
138ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/images/assets/social-icons/instagram.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

dd91c609c18fad3b2b2faec656d7faf3a1f3f65c2107c15a942d038b80be65d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 22:56:33 GMT
ETag: "9ac691416722d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 1232
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK stack-gray.png
gme.providence.org/common/scorpion/logo/ 5 KB
6 KB 458ms
173ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/common/scorpion/logo/stack-gray.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

b5eb6fecca494a83b5fb806facb555fb6cfd0f1a2e43aa2dfc3fb062d9794297

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 24 Mar 2020 22:57:41 GMT
ETag: "b65d389f2f2d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 5244
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK sa.js Show response
sa.scorpiondesign.com/ 28 B
552 B 620ms
163ms Script
text/javascript 64.70.194.202
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://sa.scorpiondesign.com/sa.js?zTShkH2Bazs5ucnygdbPTwFYmGlRIr86eXdPB9faQ1OvM6J5BEgb2U4wT3SkZ7HnvI9gU%2Bkl7Hwu%2BR3xPcmGQXmjPCrodB40wp8Q0vXWavYsnTSBz1K7kAYy2eGzHWOed0ayNgn21DhPWioTBNOzmOlXFTlOZjxAJlt%2F6dVBIbBtecn%2B,1,,,,1600,-1,9493814775,https%3A%2F%2Fgme.providence.org%2Frequest-form%2F,,,,,0,0,0
Requested by: Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/xl8wm6me7vn.2009161156241.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.70.194.202 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 0e1fe6a830e16dab66ff5127e5a6fb86de60f2a7804b85404ae41f7fcdc2134f

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 149
Expires: -1

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/providence/socal-provhealth/prod/ 176 KB
43 KB 242ms
196ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Requested by: Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/xl8wm6me7vn.2009161156241.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f21eff17a8ab3c539e671f52247b797f8b7d2833557548e096a086f75b78383d

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
content-encoding: gzip
last-modified: Fri, 02 Oct 2020 16:48:07 GMT
server: AkamaiNetStorage
etag: "6d95ce3a12a67eb11fb264c4a9784258:1601657287.151168"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
expires: Thu, 08 Oct 2020 15:22:05 GMT

GET
H/1.1 200
OK simple-show-hide-script2.js Show response
gme.providence.org/includes/js/ 749 B
1 KB 454ms
172ms Script
application/javascript 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/includes/js/simple-show-hide-script2.js

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

106602c2a1dc1842db2d02444dd04ce9c54a87978551bc2c3af91880aba4422a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 12 Jun 2019 16:31:34 GMT
ETag: "50fa5b4c3c21d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 472
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK qx2ohghkzzn.16.svg Show response
gme.providence.org/cms/svg/admin/ 12 KB
6 KB 250ms
143ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/admin/qx2ohghkzzn.16.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

2070b7654ea2a1c56d765bfa9f0d2f523ad4bd60e190fbb45bc5b0f56f786e49

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 28 Sep 2020 15:06:36 GMT
ETag: "1d695a8f5822600"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 5741
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_nav_search.36.svg Show response
gme.providence.org/cms/svg/site/ 619 B
1 KB 245ms
137ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_nav_search.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

eef53ef03ee345ece3a12d53a137674d90457aae0bef1320c0e78df17897f62a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:37 GMT
ETag: "1d68c5c14ed8a80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 533
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK hvp4zbpkvno.36.svg Show response
gme.providence.org/cms/svg/site/ 32 KB
16 KB 249ms
140ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/hvp4zbpkvno.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

8d20568d7ccf6e52173bd5e6d48a365e2a1bf08cc6c18d566f9b5f393f7f3acd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 06 Oct 2020 22:20:38 GMT
ETag: "1d69c2eeb0dff00"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 15733
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_nav_caret.36.svg Show response
gme.providence.org/cms/svg/site/ 486 B
1 KB 248ms
136ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_nav_caret.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

966dd25e2760905ce39bffdbbe65233639633f7b7ef41b68f5291ccdce3d83a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:37 GMT
ETag: "1d68c5c14ed8a80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 445
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_mobile_search.36.svg Show response
gme.providence.org/cms/svg/site/ 695 B
1 KB 423ms
184ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_mobile_search.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

63dec81f011352c026901f34dc56fbc01c3c1a05e700d9902003c8e661027cd2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:37 GMT
ETag: "1d68c5c14ed8a80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 565
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_home.36.svg Show response
gme.providence.org/cms/svg/site/ 810 B
1 KB 422ms
181ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_home.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

9c117cc459dcb284c1c538ab93db5a876b16c25ce7caa764edc7e745992df86f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:38 GMT
ETag: "1d68c5c15862100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 590
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_caret_right.36.svg Show response
gme.providence.org/cms/svg/site/ 578 B
1 KB 423ms
178ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_caret_right.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

0c70283308363e048b204cb11cc96bd4d16444f8570747fadcd6b6e0dfba5aab

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:38 GMT
ETag: "1d68c5c15862100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 449
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK icon_caret_down.36.svg Show response
gme.providence.org/cms/svg/site/ 485 B
1 KB 423ms
175ms XHR
image/svg+xml 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to

Full URL

https://gme.providence.org/cms/svg/site/icon_caret_down.36.svg

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/cms/includes/qdyfq9a7l_t.2009081355427.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

2000a3dadf062d21e61c7416295d6fb4045f1f274a12dbafaef5762ace5145e2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Sep 2020 19:03:38 GMT
ETag: "1d68c5c15862100"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml; charset=utf-8
Cache-Control: public
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Vary: Accept-Encoding
Content-Length: 426
X-Content-Type-Options: nosniff
Expires: Thu, 15 Oct 2020 15:17:05 GMT

GET
H/1.1 200
OK logo.png
gme.providence.org/images/assets/ 5 KB
6 KB 156ms
154ms Image
image/png 64.70.194.121
AFFINITY-FTL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gme.providence.org/images/assets/logo.png

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.70.194.121 , United States, ASN3064 (AFFINITY-FTL, US),

Reverse DNS

Software

Resource Hash

669ae85e5e50f5f0d54ff485a05e02a8242e11494de288c5eaa2cf93a346c424

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 04 May 2020 07:54:54 GMT
ETag: "bb55c4ce921d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Thu, 08 Oct 2020 15:17:05 GMT
Content-Security-Policy: default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Accept-Ranges: bytes
Content-Length: 5423
X-Content-Type-Options: nosniff

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 2605
date: Thu, 08 Oct 2020 14:33:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 08 Oct 2020 16:33:40 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 53ms
34ms Script
application/javascript 2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

118825210dc6fa4dd3341f3ff396549154432fe60a88d2a3bb2cda0fbcf3e1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
status: 200
cache-control: no-cache
content-type: application/javascript
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 GMT

GET
H/1.1 403
Forbidden analytics.gif
s3-us-west-1.amazonaws.com/providence-internal/ 0
0 798ms
178ms Image
application/xml 52.219.116.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-1.amazonaws.com/providence-internal/analytics.gif
Requested by: Host: gme.providence.org
URL: https://gme.providence.org/request-form/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.116.104 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

OPTIONS
H2 200 i.gif
tealium.wheelhousedmg.com/ Frame 0
0 324ms
163ms Other
application/json 143.204.94.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tealium.wheelhousedmg.com/i.gif
Protocol: H2
Server: 143.204.94.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gme.providence.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 0
date: Thu, 08 Oct 2020 15:17:06 GMT
x-amzn-requestid: 40596779-9131-4f63-aea9-853b82ae40f9
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: UGQJ2Gf0vHcFU0g=
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-cache: Miss from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: VhxPlsqeZLtzeRTp2D9oIj8EF7pCpofLnhH0Qzqb71dpDiavL6Z1HA==

POST
H2 200 i.gif Show response
pc-providence-collect.tealiumiq.com/providence/main/2/ 43 B
757 B 528ms
207ms XHR
image/gif 54.85.26.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pc-providence-collect.tealiumiq.com/providence/main/2/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.26.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-26-63.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYsbFGwnnNJqAEV6i

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
x-serverid: uconnect_i-0680badbcdb5629a1
x-tid: 017508c984ad0015170b8076f0c400078002807000b08
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
status: 200
x-region: us-east-1
x-acc: providence:main:2:datacloud
content-length: 43
pragma: no-cache
x-did: 017508c984ad0015170b8076f0c400078002807000b08
vary: Origin
content-type: image/gif
access-control-allow-origin: https://gme.providence.org
access-control-expose-headers: X-Region
cache-control: no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
x-ulver: b153a5ccbe96f237aafcee48a514097a3588b6b6-SNAPSHOT
x-uuid: b4457776-2799-4e4d-85ff-50e19a781fc5
expires: Thu, 08 Oct 2020 15:17:06 GMT

GET
H/1.1 200
OK ppms.js Show response
phc.piwik.pro/ 65 KB
22 KB 515ms
104ms Script
application/javascript 40.76.202.94
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://phc.piwik.pro/ppms.js?v=ut4.46.202010021648
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dd499ff55f3c2a7bcef3f0f9a43f93cc4cbc00c74eb7a3684ae10c23748c6d66

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
content-encoding: gzip
last-modified: Fri, 11 Sep 2020 13:20:49 GMT
etag: W/"5f5b79b1-102a2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
transfer-encoding: chunked
expires: Sat, 07 Nov 2020 15:17:06 GMT

POST
H2 200 i.gif Show response
tealium.wheelhousedmg.com/ 206 B
574 B 538ms
538ms XHR
application/json 143.204.94.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tealium.wheelhousedmg.com/i.gif
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: abd6addee5503f06b7c222efa3f28a63e5af5a2b3f30e48b759614d51651e4ab

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 8e960fff-99c8-4d54-a63a-bbb30503d46d
status: 200
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5f7f2d72-0492066528d2e19c588d6605;Sampled=0
x-amz-apigw-id: UGQJ6F0CvHcFTmA=
content-length: 206
x-amz-cf-id: KP1nOZzNi-CYkHmXYiL9cnXKBNE1vAyraqiiA0Zsg2tgmFpKaOunLg==

GET
H2 204 177a021a3b1f.js Show response
w.usabilla.com/ Frame 2ACB 0
91 B 226ms
56ms Script
text/plain 52.16.109.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/177a021a3b1f.js?lv=1
Requested by: Host: gme.providence.org
URL: https://gme.providence.org/request-form/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.109.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-109-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 08 Oct 2020 15:17:06 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

GET
H2 200 0226.js Show response
script.crazyegg.com/pages/scripts/0013/ 44 KB
4 KB 47ms
29ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0013/0226.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66ce2afeffbd0d7077630d74400b35127db7681ec526886f037722d7a37a34f

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
content-encoding: gzip
cf-cache-status: HIT
ce-version: 11.1.118
age: 58309
cf-polished: origSize=44989
status: 200
cf-request-id: 05aa629d0a000063bf92b26200000001
last-modified: Wed, 07 Oct 2020 23:05:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 5df0d3a81a9f63bf-FRA
cf-bgj: minify

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 109 KB
35 KB 264ms
36ms Script
text/javascript 99.86.243.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-46.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af1d6a1c86250575c3eca6f153f6a04062587f280805a800980d0f184392f4a3

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: D_ShO_PcTSaKeH8hmPrQKzQOf71kKG3U
content-encoding: gzip
etag: "72879dfebc7b408747b4c4d0a1a99803"
age: 1459
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
last-modified: Thu, 17 Sep 2020 18:28:55 GMT
server: AmazonS3
date: Thu, 08 Oct 2020 14:52:50 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: epnvCdOExzAEoWaZJtmXEzYkt7QL6BBD4veQ5Z6Us8xXD3LSf0ZzDw==

GET
H2 200 utag.116.js Show response
tags.tiqcdn.com/utag/providence/socal-provhealth/prod/ 4 KB
2 KB 156ms
155ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.116.js?utv=ut4.46.202003111747
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b2fc8c0eb3ff28c209b8ac6d6bccd5d8e066cb56cafa41d92681b89959b1d549

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 00:38:07 GMT
server: AkamaiNetStorage
etag: "312fe31204d46802570acd5c4a1f1e4f:1595983087.193397"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1728
expires: Fri, 23 Oct 2020 15:17:06 GMT

GET
H2 200 utag.45.js Show response
tags.tiqcdn.com/utag/providence/socal-provhealth/prod/ 4 KB
2 KB 160ms
159ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.45.js?utv=ut4.46.202006160339
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 86b5f989a5b23508981a52500bafec5ea83d79b208ad99230847697efcc62216

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
content-encoding: gzip
last-modified: Thu, 18 Jun 2020 22:29:39 GMT
server: AkamaiNetStorage
etag: "d6aeeaeb2ca1001324d5d8ca0f1ff5d0:1592519379.63858"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1628
expires: Fri, 23 Oct 2020 15:17:06 GMT

GET
H2 200 utag.16.js Show response
tags.tiqcdn.com/utag/providence/socal-provhealth/prod/ 2 KB
1 KB 164ms
164ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.16.js?utv=ut4.46.201810171950
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 92bef4f67e0d521093fb569f6324fa032789b481165944985b9f135278658fb9

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 00:38:07 GMT
server: AkamaiNetStorage
etag: "8418f7c4280f04018ebd38ee4e900cc8:1595983087.065447"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 977
expires: Fri, 23 Oct 2020 15:17:06 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 14:38:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2293
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 08 Oct 2020 15:38:52 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
566 B 34ms
14ms XHR
application/json 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gme.providence.org
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vflBXLIHR/ 104 KB
37 KB 27ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vflBXLIHR/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a11b91e727afb0246f5e0b36ae217194395b7ae1af62dc1477971aa3623954d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177998
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37780
x-xss-protection: 0
last-modified: Tue, 06 Oct 2020 12:28:00 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 14 Oct 2020 13:50:27 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
495 B 33ms
14ms XHR
application/json 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
status: 200
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://gme.providence.org
access-control-expose-headers: content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 11.1.118.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 99 KB
32 KB 20ms
20ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.118.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0013/0226.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:05 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 253596
cf-polished: origSize=105320
status: 200
cf-request-id: 05aa629d2c000063bf92b39200000001
last-modified: Mon, 14 Sep 2020 15:45:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 5df0d3a84ac463bf-FRA
cf-bgj: minify

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=870283750&t=pageview&_s=1&dl=https%3A%2F%2Fgme.providence.org%2Frequest-form%2F&ul=en-us&de=UTF-8&dt=Request%20Form%20%7C%20Providence%20Residency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAAAAjBAQC~&cid=1339692051.1602170226&tid=UA-51066651-1&_gid=258164931.1602170226&cd11=Request-form&cd29=2020-10-08T15%3A17%3A05.851Z%2B2%3A00&cd32=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&cd33=socal-provhealth%20%7C%20ut4.46.202010021648&cd34=017508c984ad0015170b8076f0c400078002807000b08&z=1821313092

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 19:31:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71163
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mobile.html
tags.tiqcdn.com/utag/providence/cookie-sync/prod/ Frame 6F88 0
0 92ms
91ms Document
text/html 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/providence/cookie-sync/prod/mobile.html
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: tags.tiqcdn.com
:scheme: https
:path: /utag/providence/cookie-sync/prod/mobile.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gme.providence.org/request-form/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://gme.providence.org/request-form/

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "49b27d6ee1013ca06ad018262291d273:1584023954.707119"
last-modified: Thu, 12 Mar 2020 14:39:14 GMT
server: AkamaiNetStorage
content-length: 342
cache-control: max-age=3600
expires: Thu, 08 Oct 2020 16:17:06 GMT
date: Thu, 08 Oct 2020 15:17:06 GMT

GET
H2 200 3ab35af297c911e9af77126a79efb69e.js Show response
d22xmn10vbouk4.cloudfront.net/ 85 KB
20 KB 181ms
65ms Script
text/javascript 52.84.116.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22xmn10vbouk4.cloudfront.net/3ab35af297c911e9af77126a79efb69e.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.116.88 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-116-88.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 722185cd93b89b8f55a1a5c0dfa09b8cdedb73b0b414318e7f98519c11069fd0

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:29:02 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 13:12:40 GMT
server: AmazonS3
age: 74885
etag: "1792cd2d00ea0a30a515d53b63f5f9eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: public, max-age=601
x-amz-cf-pop: SOF50-C1
x-amz-cf-id: ehaCK_4Rw8RifhsfhUM9mkjmHtXnolEMiPNqCqwio2Eumdq0MzxAug==
via: 1.1 06b51ee570aa937143515103d6a51628.cloudfront.net (CloudFront)

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 70ms
24ms Script
application/x-javascript 95.100.78.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.16.js?utv=ut4.46.201810171950

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.100.78.166 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-100-78-166.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2115
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Fri, 17 Jul 2020 18:55:09 GMT
Date: Thu, 08 Oct 2020 15:17:06 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-cache, no-store
ETag: "8bc15cb6b5cd61:0"
Accept-Ranges: bytes
Expires: Thu, 08 Oct 2020 15:17:06 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 40ms
39ms Script
application/x-javascript 104.111.215.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=providence/socal-provhealth/202010021648&cb=1602170226080
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/providence/socal-provhealth/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.136 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-136.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 08 Oct 2020 15:27:06 GMT

GET
H/1.1

200
OK

svrGP.aspx
tracker.providence.org/visitor/v200/
Redirect Chain

https://s1129361478.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&firstPartyCookieDomain=tracker.providence.org
https://tracker.providence.org/visitor/v200/svrGP.aspx?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&elq1pcGUID=DB94BBE51E754E9C95353580045B2523

49 B
534 B

880ms
259ms

Image
image/gif

142.0.160.57
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.providence.org/visitor/v200/svrGP.aspx?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&elq1pcGUID=DB94BBE51E754E9C95353580045B2523

Requested by

Host: gme.providence.org
URL: https://gme.providence.org/request-form/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.57 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

mail01.academic.hbsp.harvard.edu

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Thu, 08 Oct 2020 15:17:07 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: private,no-cache, no-store
Content-Type: image/gif
Content-Length: 49
X-XSS-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Thu, 08 Oct 2020 15:17:06 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://tracker.providence.org/visitor/v200/svrGP.aspx?pps=3&siteid=1129361478&ref2=elqNone&tzo=-60&ms=152&optin=disabled&elq1pcGUID=DB94BBE51E754E9C95353580045B2523
Cache-Control: private,no-cache, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 306
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1758/3441913933/ 85 KB
27 KB 100ms
99ms Script
text/javascript 99.86.243.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1758/3441913933/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.46 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-46.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 469edd281e3561bfdc7c86be6738356a897bb0fdf7dd2329dcf95bf0cc1fc923

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: eod2augLs6OHdZhC34CqyvdlUduFoJA9
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 22:20:10 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-C1
etag: "29721a6db8b03e0c507a933ff0f2826f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=300
date: Thu, 08 Oct 2020 15:17:06 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: xeciv6yzuH0XMDqCFxwAcbiW32i4xPDaZXBC0lkLzbgaVcb_sWRDdA==
via: 1.1 6c9f184c491eed5c51abd110e89bd97b.cloudfront.net (CloudFront)

GET
H/1.1 200
OK na.jsonp Show response
pnapi.invoca.net/1758/ 55 B
232 B 421ms
106ms Script
text/plain 107.23.40.26
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pnapi.invoca.net/1758/na.jsonp?network_id=1758&js_version=4.7.4&tag_id=1758%2F3441913933&request_data_shared_params=%7B%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22activity_date%22%3Anull%2C%22activity_source%22%3Anull%2C%22activity_type%22%3Anull%2C%22caller_phone_number%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22call_type%22%3Anull%2C%22campaign_name%22%3Anull%2C%22gclid%22%3Anull%2C%22hgcrm_agency%22%3Anull%2C%22hgcrm_campaignid%22%3Anull%2C%22hgcrm_channel%22%3Anull%2C%22hgcrm_mockid%22%3Anull%2C%22hgcrm_source%22%3Anull%2C%22hgcrm_tacticid%22%3Anull%2C%22hgcrm_trackingsetid%22%3Anull%2C%22landing_page%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22piwik_vid%22%3A%22258256349327333c%22%2C%22tealium_vid%22%3A%22017508c984ad0015170b8076f0c400078002807000b08%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%7D&client_messages=%7B%7D&client_info=%7B%22url%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22referrer%22%3A%22%22%2C%22cores%22%3A16%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22screenWidth%22%3A1600%2C%22screenHeight%22%3A1200%2C%22language%22%3A%22en-US%22%7D&jsoncallback=json_rr1&
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.40.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Goliath /
Resource Hash: db9492e9839fa28c321f6d98aff64c89618e2de5196b2e556088a6801ff59215

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 08 Oct 2020 15:17:06 GMT
Server: Goliath
Connection: keep-alive
processing_time: 0.59425ms
Content-Length: 55

GET
H/1.1 200
OK svrGP Show response
s1129361478.t.eloqua.com/visitor/v200/ 0
369 B 977ms
263ms Script
application/javascript 142.0.160.53
NETDYNAMICS

General

Check archive.org

Show headers Download Go to

Full URL

https://s1129361478.t.eloqua.com/visitor/v200/svrGP?pps=50&siteid=1129361478&DLKey=ac318923e14849f6ae0889dc549fd3cd&DLLookup=&ms=152&firstPartyCookieDomain=tracker.providence.org

Requested by

Host: img.en25.com
URL: https://img.en25.com/i/elqCfg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.53 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Date: Thu, 08 Oct 2020 15:17:07 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: private,no-cache, no-store
Content-Type: application/javascript
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK ppms.php
phc.piwik.pro/ 43 B
168 B 140ms
139ms Image
image/gif 40.76.202.94
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phc.piwik.pro/ppms.php?action_name=Request%20Form%20%7C%20Providence%20Residency&idsite=7904f306-24e7-46be-bb9a-acd73a535f1e&rec=1&r=605572&h=17&m=17&s=6&url=https%3A%2F%2Fgme.providence.org%2Frequest-form%2F&_id=258256349327333c&_idts=1602170225&_idvc=1&_idn=0&_viewts=1602170225&send_image=1&cookie=1&res=1600x1200&dimension2=2020-10-08T15:17:05.851Z+2:00&dimension3=258256349327333c&dimension5=Mozilla/5.0%20(Macintosh;%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/83.0.4103.61%20Safari/537.36&dimension6=socal-provhealth%20|%20ut4.46.202010021648&dimension7=017508c984ad0015170b8076f0c400078002807000b08&gt_ms=406&pv_id=fKDgAn
Requested by: Host: gme.providence.org
URL: https://gme.providence.org/request-form/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.76.202.94 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://gme.providence.org/request-form/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 15:17:06 GMT
content-encoding: none
content-length: 43
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.providence.org/	1970-01-19 22:33:08	Name: ELOQUA Value: GUID=DB94BBE51E754E9C95353580045B2523
.providence.org/	1970-01-19 21:48:26	Name: utag_main Value: v_id:017508c984ad0015170b8076f0c400078002807000b08$_sn:1$_se:1$_ss:1$_st:1602172025839$ses_id:1602170225839%3Bexp-session$_pn:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$_dcsyncran:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
.providence.org/	1970-02-25 01:02:50	Name: invoca_session Value: %7B%22ttl%22%3A%222020-11-07T16%3A17%3A06.311Z%22%2C%22session%22%3A%7B%22utm_medium%22%3A%22direct%22%2C%22utm_source%22%3A%22direct%22%2C%22activity_date%22%3Anull%2C%22activity_source%22%3Anull%2C%22activity_type%22%3Anull%2C%22caller_phone_number%22%3Anull%2C%22calling_page%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22call_type%22%3Anull%2C%22campaign_name%22%3Anull%2C%22gclid%22%3Anull%2C%22hgcrm_agency%22%3Anull%2C%22hgcrm_campaignid%22%3Anull%2C%22hgcrm_channel%22%3Anull%2C%22hgcrm_mockid%22%3Anull%2C%22hgcrm_source%22%3Anull%2C%22hgcrm_tacticid%22%3Anull%2C%22hgcrm_trackingsetid%22%3Anull%2C%22landing_page%22%3A%22https%3A%2F%2Fgme.providence.org%2Frequest-form%2F%22%2C%22piwik_vid%22%3A%22258256349327333c%22%2C%22tealium_vid%22%3A%22017508c984ad0015170b8076f0c400078002807000b08%22%2C%22utm_campaign%22%3Anull%2C%22utm_content%22%3Anull%2C%22utm_term%22%3Anull%7D%2C%22config%22%3A%7B%22campaignIdOverrideParam%22%3Anull%2C%22campaignIdOverrideValue%22%3Anull%2C%22requirementsNeeded%22%3Atrue%2C%22ce%22%3Atrue%7D%7D
.gme.providence.org/	1969-12-31 23:59:59	Name: _sa Value: #725680678
.providence.org/	1970-01-19 13:02:52	Name: _pk_ses.7904f306-24e7-46be-bb9a-acd73a535f1e.0f16 Value: *
.providence.org/	1970-01-19 13:04:16	Name: _gid Value: GA1.2.258164931.1602170226
.providence.org/	1970-01-20 06:34:02	Name: _ga Value: GA1.2.1339692051.1602170226
gme.providence.org/	1969-12-31 23:59:59	Name: TS01931d6b Value: 0184cfe7a64b04b7328293a8b78243cb97425c9529158344f69e0fce7fe3c942a807819b60c284cdd68f9ff01a58619509ebb3afa93398ec7c7d8f1e37021d338989be0a6096988234ae70a87fad79cb601e82b879febefbbf418f19e9f7ca1d5e6c129a2c
.providence.org/	1970-01-19 13:02:53	Name: AMP_TOKEN Value: %24NOT_FOUND
.providence.org/	1970-01-19 22:28:45	Name: _pk_id.7904f306-24e7-46be-bb9a-acd73a535f1e.0f16 Value: 258256349327333c.1602170225.1.1602170227.1602170225.
gme.providence.org/	1970-01-19 13:45:36	Name: SEOT Value: #1
gme.providence.org/	1970-01-19 21:48:26	Name: _tz Value: Europe%2FBerlin
.providence.org/request-form/	1970-01-19 13:02:50	Name: _pk_id.7904f306-24e7-46be-bb9a-acd73a535f1e.0f16 Value: 258256349327333c.1602170225.1.1602170225.1602170225.
gme.providence.org/	1969-12-31 23:59:59	Name: T Value: !!
.providence.org/	1970-01-19 13:10:02	Name: AMP_ECID_GOOGLE Value: 017508c984ad0015170b8076f0c400078002807000b08
.providence.org/	1970-01-19 15:12:26	Name: _fbp Value: fb.1.1602170224412.1720824832
gme.providence.org/	1970-01-19 13:45:36	Name: SEOV Value: #1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * blob: data: cid:; img-src * data: cid: 'unsafe-inline'; media-src * data: blob:; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; style-src * blob: data: 'unsafe-inline'; style-src-elem * blob: data: 'unsafe-inline', font-src * data:
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
connect.facebook.net
d22xmn10vbouk4.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gme.providence.org
img.en25.com
pc-providence-collect.tealiumiq.com
phc.piwik.pro
pnapi.invoca.net
s.ytimg.com
s1129361478.t.eloqua.com
s3-us-west-1.amazonaws.com
sa.scorpiondesign.com
script.crazyegg.com
solutions.invocacdn.com
tags.tiqcdn.com
tealium.wheelhousedmg.com
tracker.providence.org
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.scorpioncms.com
www.youtube.com
104.111.215.136
107.23.40.26
142.0.160.53
142.0.160.57
143.204.94.27
2606:4700::6813:9408
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:816::200e
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::200e
2a00:1450:4001:81f::200e
2a00:1450:4001:825::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
40.76.202.94
52.16.109.72
52.219.116.104
52.84.116.88
54.85.26.63
64.70.194.112
64.70.194.121
64.70.194.202
95.100.78.166
99.86.243.46
0c70283308363e048b204cb11cc96bd4d16444f8570747fadcd6b6e0dfba5aab
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e1fe6a830e16dab66ff5127e5a6fb86de60f2a7804b85404ae41f7fcdc2134f
106602c2a1dc1842db2d02444dd04ce9c54a87978551bc2c3af91880aba4422a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118825210dc6fa4dd3341f3ff396549154432fe60a88d2a3bb2cda0fbcf3e1f1
1f045d5e0a2c3521720a636ebc3fcfdeedec49d980a7f86618d3715259c85099
2000a3dadf062d21e61c7416295d6fb4045f1f274a12dbafaef5762ace5145e2
2070b7654ea2a1c56d765bfa9f0d2f523ad4bd60e190fbb45bc5b0f56f786e49
29338a5c6426e5dcc7337eaa9ed4e61db6d1f6f199c2513effdeaf68a0edf1ff
2a11b91e727afb0246f5e0b36ae217194395b7ae1af62dc1477971aa3623954d
3060bfb49449f9da9023e55f9b973d2f0cb4934f246b87d8a7cacbb654bf3d70
30d9d8a8c7e8d5eb3052f8d072fa2aea98d3e5309d09db4ef49cb15b7e936bb8
3c18ea61d1c27eb4e4a2e429525eef024a1bdda8064d252203ea6a4eb4f2fbe7
469edd281e3561bfdc7c86be6738356a897bb0fdf7dd2329dcf95bf0cc1fc923
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59263ef147434d164b45f306a34885fd0754814d8f726fe9acf9a665c97135f9
5c4d639508717af20002ecb5f408ddc82b27802aae76848c61aa9b4c2b75081a
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63dec81f011352c026901f34dc56fbc01c3c1a05e700d9902003c8e661027cd2
669ae85e5e50f5f0d54ff485a05e02a8242e11494de288c5eaa2cf93a346c424
6b4ebd6049c806e3eef1bd770b2d8b4fdd75803861ead3584ee753e41988efae
722185cd93b89b8f55a1a5c0dfa09b8cdedb73b0b414318e7f98519c11069fd0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86b5f989a5b23508981a52500bafec5ea83d79b208ad99230847697efcc62216
8d20568d7ccf6e52173bd5e6d48a365e2a1bf08cc6c18d566f9b5f393f7f3acd
92bef4f67e0d521093fb569f6324fa032789b481165944985b9f135278658fb9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
966dd25e2760905ce39bffdbbe65233639633f7b7ef41b68f5291ccdce3d83a8
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9c117cc459dcb284c1c538ab93db5a876b16c25ce7caa764edc7e745992df86f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
abd6addee5503f06b7c222efa3f28a63e5af5a2b3f30e48b759614d51651e4ab
ad53a3b0148482c41e2c767fa2d4a03587fc97af56d96597f15df8d1edfefce2
af1d6a1c86250575c3eca6f153f6a04062587f280805a800980d0f184392f4a3
b2fc8c0eb3ff28c209b8ac6d6bccd5d8e066cb56cafa41d92681b89959b1d549
b5101b240b5804bb417f80d559c93e6021b168774d1028a48b59efe917992816
b5eb6fecca494a83b5fb806facb555fb6cfd0f1a2e43aa2dfc3fb062d9794297
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d66ce2afeffbd0d7077630d74400b35127db7681ec526886f037722d7a37a34f
d9417079952dbe5d1b1bc0bf209d04bcf97459ce3c271837b4d9c45a48e3ecfa
db9492e9839fa28c321f6d98aff64c89618e2de5196b2e556088a6801ff59215
dd499ff55f3c2a7bcef3f0f9a43f93cc4cbc00c74eb7a3684ae10c23748c6d66
dd91c609c18fad3b2b2faec656d7faf3a1f3f65c2107c15a942d038b80be65d6
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eef53ef03ee345ece3a12d53a137674d90457aae0bef1320c0e78df17897f62a
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f21eff17a8ab3c539e671f52247b797f8b7d2833557548e096a086f75b78383d
fabe1fa243a8b690e64f950ba1f0b034a91430e1fa3fd4ff790c32ef4b327f66

gme.providence.org Open in urlscan Pro 64.70.194.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

58 Requests

100 %HTTPS

40 %IPv6

24 Domains

25 Subdomains

26 IPs

5 Countries

723 kBTransfer

2143 kBSize

17 Cookies

22 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gme.providence.org Open in urlscan Pro
64.70.194.121 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

40 %
IPv6

24
Domains

25
Subdomains

26
IPs

5
Countries

723 kB
Transfer

2143 kB
Size

17
Cookies

58 HTTP transactions
1 data transactions