occmed.sanfordhealth.org Open in urlscan Pro
13.89.237.102 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://occmed.sanfordhealth.org/resources
Submission: On March 31 via api (March 31st 2020, 7:58:58 pm UTC) from US

Summary HTTP 59 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 24 domains to perform 59 HTTP transactions. The main IP is 13.89.237.102, located in Des Moines, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is occmed.sanfordhealth.org.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on January 28th 2020. Valid for: 3 months.

This is the only time occmed.sanfordhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	13.89.237.102 13.89.237.102	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.194.81 13.224.194.81	16509 (AMAZON-02) (AMAZON-02)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	147.75.33.131 147.75.33.131	54825 (PACKET) (PACKET)
1 4	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.0.71.65 52.0.71.65	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:820::2003	15169 (GOOGLE) (GOOGLE)
1	92.122.255.233 92.122.255.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
2	147.75.102.239 147.75.102.239	54825 (PACKET) (PACKET)
2	95.101.177.202 95.101.177.202	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	82.199.68.73 82.199.68.73	15830 (EQUINIX-C...) (EQUINIX-CONNECT-EMEA)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	104.17.209.240 104.17.209.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:fc05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:f905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
59	27

15 13.89.237.102 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

occmed.sanfordhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-81.fra2.r.cloudfront.net

static.cloud.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.33.131 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress7

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.71.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-71-65.compute-1.amazonaws.com

usageanalytics.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.255.233 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-255-233.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.177.202 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-177-202.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.73 (Netherlands)

ASN15830 (EQUINIX-CONNECT-EMEA, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)

zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fc05 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sanfordhealth.org occmed.sanfordhealth.org	2 MB
5	googleapis.com fonts.googleapis.com maps.googleapis.com	122 KB
4	facebook.com www.facebook.com graph.facebook.com	1 KB
4	gstatic.com fonts.gstatic.com	36 KB
4	google-analytics.com 1 redirects www.google-analytics.com	18 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	17 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
3	addthis.com s7.addthis.com	190 KB
3	coveo.com static.cloud.coveo.com usageanalytics.coveo.com	10 KB
2	hubspot.com track.hubspot.com forms.hubspot.com	1010 B
2	facebook.net connect.facebook.net	142 KB
2	bing.com bat.bing.com	8 KB
1	qualtrics.com zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com	19 KB
1	hs-analytics.net js.hs-analytics.net	22 KB
1	hsleadflows.net js.hsleadflows.net	61 KB
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	addthisedge.com v1.addthisedge.com	694 B
1	hs-scripts.com js.hs-scripts.com	758 B
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	377 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	160 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
1	jsdelivr.net cdn.jsdelivr.net	2 KB
59	24

	Domain	Requested by
15	occmed.sanfordhealth.org	occmed.sanfordhealth.org
4	fonts.gstatic.com	occmed.sanfordhealth.org s7.addthis.com www.google-analytics.com
4	www.google-analytics.com	1 redirects www.googletagmanager.com
4	maps.googleapis.com	occmed.sanfordhealth.org maps.googleapis.com
3	s7.addthis.com	occmed.sanfordhealth.org s7.addthis.com
2	graph.facebook.com	s7.addthis.com
2	www.facebook.com	occmed.sanfordhealth.org
2	connect.facebook.net	occmed.sanfordhealth.org connect.facebook.net
2	secure-ds.serving-sys.com	www.googletagmanager.com secure-ds.serving-sys.com
2	usageanalytics.coveo.com	static.cloud.coveo.com occmed.sanfordhealth.org
2	bat.bing.com	www.googletagmanager.com occmed.sanfordhealth.org
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com	occmed.sanfordhealth.org
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	vars.hotjar.com	static.hotjar.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	v1.addthisedge.com	s7.addthis.com
1	js.hs-scripts.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	www.google.de	occmed.sanfordhealth.org
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	z.moatads.com	s7.addthis.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googletagmanager.com	occmed.sanfordhealth.org
1	cdn.jsdelivr.net	occmed.sanfordhealth.org
1	static.cloud.coveo.com	occmed.sanfordhealth.org
1	fonts.googleapis.com	occmed.sanfordhealth.org
59	31

This site contains links to these domains. Also see Links.

Domain
www.sanfordhealth.org
www.mysanfordchart.org
systoc.sanfordhealth.org
app.globalsafetynetwork.com
sanfordhealth.formstack.com
www.cdc.gov
www.osha.gov
www.oshrc.gov
www.fmcsa.dot.gov
www.transportation.gov
blogs.cdc.gov
r20.rs6.net

Subject Issuer	Validity	Valid
www.sanfordhealth.org GeoTrust EV RSA CA 2018	`2020-01-28` - `2020-04-29`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloud.coveo.com Go Daddy Secure Certificate Authority - G2	`2019-08-06` - `2021-08-06`	2 years	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.coveo.com Go Daddy Secure Certificate Authority - G2	`2019-12-04` - `2020-12-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
ssl817706.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-01-21` - `2020-07-29`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-11-06` - `2020-05-14`	6 months	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2018-10-08` - `2021-01-06`	2 years	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-12-04` - `2020-10-09`	10 months	crt.sh

This page contains 2 frames:

Primary Page: https://occmed.sanfordhealth.org/resources
Frame ID: 5C37A15CB9B6B519F09A0A2EF82C0152
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 568A9E2D23437F47EAAC8FA4EEE8E902
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

59
Requests

100 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

27
IPs

7
Countries

2324 kB
Transfer

6481 kB
Size

16
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sanfordhealth.org/conditions-diseases/coronavirus-disease-2019-covid-19?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: Coronavirus (COVID-19) Information

Search URL Search Domain Scan URL

URL: https://www.mysanfordchart.org/mychart/
Title: sign in

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/alerts-and-announcements?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: visitor restrictions

Search URL Search Domain Scan URL

URL: https://systoc.sanfordhealth.org/isystoc/login.aspx
Title: Web-Based Reporting Login

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/patients-and-visitors/billing-and-insurance/pay-your-bill?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: Pay Your Bill

Search URL Search Domain Scan URL

URL: https://app.globalsafetynetwork.com/
Title: Background Screen Login

Search URL Search Domain Scan URL

URL: https://sanfordhealth.formstack.com/forms/clearinghouse_reporting
Title: Complete the Form

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/doctors?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955#q=Occupational%20Medicine&radius=1000
Title: Sanford OccMed providers

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/nccdphp/dnpao/hwi/index.htm
Title: Healthier Worksite Initiatives

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/niosh/about/default.html
Title: National Institute for Occupational Safety and Health (NIOSH)

Search URL Search Domain Scan URL

URL: https://www.osha.gov/
Title: Occupational Safety and Health Administration (OSHA)

Search URL Search Domain Scan URL

URL: http://www.oshrc.gov/
Title: Occupational Safety and Health Review Commissions (OSHRC)

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/nccdphp/dnpao/hwi/toolkits/
Title: The National Healthy Worksite Toolkit

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/workplacehealthpromotion/
Title: The Workplace Health Promotion

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/niosh/twh/
Title: Total Worker Health

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/niosh/twh/practices.html
Title: Total Worker Health Best Practices

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/niosh/twh/webinar.html
Title: Total Worker Health Webinars

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/workathealth/
Title: Work@Health Program

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/healthscorecard/
Title: Worksite Health ScoreCard

Search URL Search Domain Scan URL

URL: http://www.cdc.gov/covid-19
Title: OSHA COVID-19 website

Search URL Search Domain Scan URL

URL: https://www.osha.gov/Publications/OSHA3990.pdf
Title: OSHA COVID-19 Employer Handbook

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/coronavirus/2019-ncov/php/risk-assessment.html#t2
Title: General public recommendations for risk assessment and return/stay at work

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/coronavirus/2019-ncov/hcp/guidance-risk-assesment-hcp.html
Title: Health care recommendations for risk assessment and return/stay at work

Search URL Search Domain Scan URL

URL: https://www.fmcsa.dot.gov/emergency/fmcsa-cdl-waiver-32420
Title: FMCSA waiver for commercial motor vehicle operators

Search URL Search Domain Scan URL

URL: https://www.transportation.gov/sites/dot.gov/files/2020-03/DOT_Guidance_on_Compliance_with_Drug_and_Alcohol_Testing_Regulations.pdf
Title: DOT drug testing update

Search URL Search Domain Scan URL

URL: https://blogs.cdc.gov/niosh-science-blog/2020/03/16/n95-preparedness/
Title: Proper N95 Respirator use during the crisis

Search URL Search Domain Scan URL

URL: https://www.cdc.gov/coronavirus/2019-ncov/prepare/disinfecting-building-facility.html
Title: Disinfecting facilities recommendations

Search URL Search Domain Scan URL

URL: http://r20.rs6.net/tn.jsp?f=001mX3Ja_R8xBr08qVMQZ1XWF4bnABF3_4my3UVUePltG4Tn-Emw8YJ2WfJ5eRuFz4ldNB40sYzzX7s-IdANwWUDG7fTWtyrA18Rod77iIZcY1w3hjWgAXrugKKWDe_vwyBx1CHkpP9pT5DibgXyWHDcEBHsZniTDUru_-5i1TM1V8IXjg-V1y7ZDNe8Vl3hHfkaC0j2cRDP2AS9BFOlqMpdvr8pFqO8laFyKk-bVzcaOm51tfiEhn07ZkeDgVEwLnHH9XEai7CWH5sLKAbpQYf89-VtUv39etjWswNsa3oxlg=&c=77gLta4Haxj7f-OLVKJVE0ecdpm8HKrD5YwJH_sXL2tYvOeBZEUjkQ==&ch=A9n2zqdzZaxxvWhfxjr5kU8YtcmRDlfIZKV_Sn88OvokO5lJVqo9LA==
Title: Donation of surplus masks and respirators for health care workers

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/doctors?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955#f:_4C50B884-BF28-483D-8DB5-7F44F1CCAB34=[Occupational%20Medicine]&address={{addresstoken}}
Title: Our Doctors

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: Sanford Health Website

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/terms-and-conditions?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/privacy-statement?__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&__hsfp=818329955
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=699338009&t=pageview&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&ul=en-us&de=UTF-8&dt=Resources%20%7C%20Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=1149051745&gjid=2047629359&cid=1981314030.1585684720&tid=UA-17672572-22&_gid=1394718144.1585684720&_r=1&gtm=2wg3i0PHTXJVD&z=912900340 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_gid=1394718144.1585684720&gjid=2047629359&_v=j81&z=912900340 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340&slf_rd=1&random=2933232447

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set resources Show response
occmed.sanfordhealth.org/ 43 KB
13 KB 1368ms
683ms Document
text/html 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c13bb2f832138d95229bde79bad63173fb94ed0c06e4a480efb7ae52a29b07ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Host: occmed.sanfordhealth.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Set-Cookie: ASP.NET_SessionId=25434gkd410nppytyxa1bfca; path=/; HttpOnly; SameSite=Lax
Strict-Transport-Security: max-age=300; includeSubDomains
Date: Tue, 31 Mar 2020 19:58:36 GMT
Content-Length: 13378

GET
H/1.1 200
OK sanford-service.min.css
occmed.sanfordhealth.org/styles/ 289 KB
73 KB 2302ms
2301ms Stylesheet
text/css 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/styles/sanford-service.min.css?v=hRin7wLD58zCqdgF5q6BiSrNgCk4sQOF3QWPVFEvRZI1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e2b5677607e4f027d3b5fdfd62bda3a6b3daa7c14f2e689d7760b3ad672c8de3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Tue, 31 Mar 2020 19:58:39 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Wed, 31 Mar 2021 19:58:39 GMT

GET
H/1.1 200
OK sanford-service-head.min.js Show response
occmed.sanfordhealth.org/Scripts/ 13 KB
7 KB 2420ms
2128ms Script
text/javascript 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Scripts/sanford-service-head.min.js?v=JV_fZUizqVoEUe5xjzTZbndDU0VA7YfQAt3GYxBWnEA1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0c943d40a865e7df780e8ed6a02b8e0147d33ebcd9ca8926927073c84194c71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 19:58:39 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 31 Mar 2020 19:58:38 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 6352
Expires: Wed, 31 Mar 2021 19:58:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1006 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae5488ca14a63553b75c3a76150229a55a65267a1de90ede6d50f96a58982d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 19:58:36 GMT
server: ESF
date: Tue, 31 Mar 2020 19:58:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Mar 2020 19:58:36 GMT

GET
H2 200 coveoua.js Show response
static.cloud.coveo.com/coveo.analytics.js/ 31 KB
8 KB 108ms
33ms Script
application/javascript 13.224.194.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js
Requested by: Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-81.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 08:49:35 GMT
content-encoding: gzip
last-modified: Fri, 09 Feb 2018 20:37:46 GMT
server: AmazonS3
age: 40143
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: A-JyScuhkQD32nqsgsGZmbx-Rtuy03VAfRKyjvuMQlwnQDoDZzRHng==
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 100ms
33ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: W/"5e2765c1-57446"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Tue, 31 Mar 2020 19:58:37 GMT
x-host: s7.addthis.com
content-length: 114924

GET
H/1.1 200
OK occ-med-2c.png
occmed.sanfordhealth.org/-/media/occmed/images/ 11 KB
11 KB 1838ms
1291ms Image
image/png 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/occ-med-2c.png?w=174&h=72&hash=9A3003400FDEEAC2B51052F5BB8E52B563A1628A

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Tue, 24 Dec 2019 16:23:31 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=604800
Content-Length: 11087
Expires: Tue, 07 Apr 2020 19:58:38 GMT

GET
H/1.1 200
OK CoveoFullSearch-service.min.css
occmed.sanfordhealth.org/Coveo/css/ 280 KB
54 KB 1008ms
719ms Stylesheet
text/css 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Coveo/css/CoveoFullSearch-service.min.css?v=Ab74TxaK2Us9m5zdNFGisL-4ABoPTSD0nPCsz2ntPWk1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b2f112976466b06600b7bd21c1a6a0ce876d4464e893341ffd1aab6f82023663

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 31 Mar 2020 19:58:37 GMT
Server: Microsoft-IIS/8.5
X-Frame-Options: SAMEORIGIN
Date: Tue, 31 Mar 2020 19:58:37 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 54749
Expires: Wed, 31 Mar 2021 19:58:37 GMT

GET
H/1.1 200
OK CoveoJsSearch-service.min.js Show response
occmed.sanfordhealth.org/coveo/js/ 2 MB
543 KB 315ms
315ms Script
text/javascript 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/coveo/js/CoveoJsSearch-service.min.js?v=WI_X2w0uYxlC5tSpkNuZzhxJcWScDvD7bRF8Dn4Wb_41

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

84f27a809fcaf3a77c5de01c43f08cceaa87caafca898ec59c8408368d57d064

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Tue, 31 Mar 2020 19:58:38 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Wed, 31 Mar 2021 19:58:38 GMT

GET
H/1.1 200
OK en.js Show response
occmed.sanfordhealth.org/Coveo/js/cultures/ 44 KB
7 KB 225ms
224ms Script
application/javascript 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Coveo/js/cultures/en.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

267e03b73d1ac6e609b3eeae77b56ff00c1200179d319fc8096351da73c85320

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 15 May 2019 18:21:04 GMT
Server: Microsoft-IIS/8.5
ETag: "028cff44abd51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=604800
Date: Tue, 31 Mar 2020 19:58:38 GMT
Accept-Ranges: bytes
Content-Length: 7125

GET
H/1.1 200
OK occ-med-2c.png
occmed.sanfordhealth.org/-/media/occmed/images/ 11 KB
11 KB 177ms
176ms Image
image/png 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/occ-med-2c.png?h=72&la=en&w=174&hash=DF3CB2F5F3020C7EACDFDE0C3F1B93D32B4F5AB4

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Tue, 24 Dec 2019 16:23:31 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: private, max-age=604800
Content-Length: 11087
Expires: Tue, 07 Apr 2020 19:58:39 GMT

GET
H/1.1 200
OK sanford-service-body.min.js Show response
occmed.sanfordhealth.org/Scripts/ 931 KB
353 KB 142ms
142ms Script
text/javascript 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Scripts/sanford-service-body.min.js?v=iw2JL3xfA8pT92BgJirA1OV1MUItzi_3DvEQmmS5-VQ1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

6ee6fe8fdd2e8dc749ae84597219058558561eff30cdc8597414a562c6a91ef2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Vary: User-Agent,Accept-Encoding
Last-Modified: Tue, 31 Mar 2020 19:58:39 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked
Expires: Wed, 31 Mar 2021 19:58:39 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdn.jsdelivr.net/jquery.lazy/1.7.5/ 5 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.lazy/1.7.5/jquery.lazy.min.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1915865
cf-ray: 57cca577ee45dfd7-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21031-AMS, cache-fra19135-FRA
server: cloudflare
etag: W/"1392-jt9bla4L+gvh4f5ZyiOxGz/05wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 122 KB
40 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9f4a366ab8f5d167119d9f9f32f082c6f044b75acbed007e0657ba3eefd13a03

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
vary: Accept-Language
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=29
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 40302
x-xss-protection: 0
expires: Tue, 31 Mar 2020 20:28:39 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 141 KB
39 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

068814d6894f554d2bb82ecb849542562db62054c5570ca921a874cb3cbe4859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 40097
x-xss-protection: 0
last-modified: Tue, 31 Mar 2020 18:44:45 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 31 Mar 2020 19:58:39 GMT

GET
H2 200 hotjar-1431697.js Show response
static.hotjar.com/c/ 3 KB
2 KB 167ms
103ms Script
application/javascript 147.75.33.131
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1431697.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.33.131 Amsterdam, Netherlands, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress7

Software

Resource Hash

886dc536b295c06673f49567f9d48d043e2a34e0b9c5e52e87f668cd22bb4888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/21618d16c3c850f8f2c46677db843d86
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.072
accept-ranges: bytes
section-io-id: 28b5dee9303414ef660428be66649549
section-origin-responded: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 4804
date: Tue, 31 Mar 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 31 Mar 2020 20:38:35 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 33ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref: Ref A: 0C2DD3EC3390463BA79FEAF3C058D7B7 Ref B: FRAEDGE1113 Ref C: 2020-03-31T19:58:39Z
access-control-allow-origin: *
etag: "0682da95fdd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7461

GET
H/1.1 200
OK svg-sprite.svg
occmed.sanfordhealth.org/ 0
61 KB 170ms
169ms Other
text/xml 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/svg-sprite.svg

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked

OPTIONS
H/1.1 200
OK view Show response
usageanalytics.coveo.com/rest/v15/analytics/ 0
479 B 509ms
130ms Fetch 52.0.71.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.71.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-71-65.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Access-Control-Request-Method: POST
Origin: https://occmed.sanfordhealth.org
Referer: https://occmed.sanfordhealth.org/resources
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,content-type

Response headers

Date: Tue, 31 Mar 2020 19:58:39 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
Access-Control-Allow-Origin: https://occmed.sanfordhealth.org
Access-Control-Max-Age: 3600
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Origin, Accept, X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 17:00:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1825071
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Wed, 10 Mar 2021 17:00:48 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 28 Mar 2020 00:54:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 327828
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Sun, 28 Mar 2021 00:54:51 GMT

GET
H/1.1 200
OK svg-sprite.svg
occmed.sanfordhealth.org/ 135 KB
61 KB 318ms
317ms Other
text/xml 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/svg-sprite.svg

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

414d92d40962f721675cdba0a4cfc0084f04229cc51bdbb70ded9876eeacc099

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
Vary: Accept-Encoding
Content-Type: text/xml; charset=utf-8
Cache-Control: public
Transfer-Encoding: chunked

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Mar 2020 23:56:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:44 GMT
server: sffe
age: 1800145
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9180
x-xss-protection: 0
expires: Wed, 10 Mar 2021 23:56:14 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 83ms
30ms Script
application/x-javascript 92.122.255.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.255.233 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-255-233.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 856A1C30AF996178
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=62170
accept-ranges: bytes
content-length: 948
x-amz-id-2: 9isaeXbmv6Uyrcput8WAQuznmhBqNkP/zv2O4JD93wn1AD+qyk2JmFg767pwei8+CrOtEhpcBVc=

GET
H/1.1 200
OK 019048-00612-web-occmed-resources-1375x298.jpg
occmed.sanfordhealth.org/-/media/occmed/images/resources/ 77 KB
77 KB 183ms
183ms Image
image/jpeg 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/resources/019048-00612-web-occmed-resources-1375x298.jpg?w=1375&h=298&hash=13A78147976AA799432182332CF90FF5C68AA4DB

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9733ef6091f5e357fbfb8b878ab13f98e9fbd61e6de590a411ee0c2306de472e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Fri, 17 Jan 2020 15:10:46 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:38 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Length: 78585
Expires: Tue, 07 Apr 2020 19:58:39 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 06 Mar 2020 05:04:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 2213639
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9192
x-xss-protection: 0
expires: Sat, 06 Mar 2021 05:04:40 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=699338009&t=pageview&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&ul=en-us&de=UTF-8&dt=Resources%20%7C%20Sanford%20OccMed&sd=24...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_gid=1394718144.1585684720&gjid=2047629359&_v=j81&z=912900340
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340&slf_rd=1&random=2933232447

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340&slf_rd=1&random=2933232447

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 19:58:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Mar 2020 19:58:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-17672572-22&cid=1981314030.1585684720&jid=1149051745&_v=j81&z=912900340&slf_rd=1&random=2933232447
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5230470&Ver=2&mid=11cc101f-9977-71b6-ecac-ba0c9dd67ec5&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Resources%20%7C%20Sanford%20OccMed&p=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&r=&evt=pageLoad&msclkid=N&rn=522041
Requested by: Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Tue, 31 Mar 2020 19:58:39 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 7991E0876D604DD3AF8765DF9D3B0018 Ref B: FRAEDGE1113 Ref C: 2020-03-31T19:58:39Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.0be5265654b49cdd90f7.js Show response
script.hotjar.com/ 366 KB
69 KB 94ms
32ms Script
application/javascript 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.0be5265654b49cdd90f7.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1431697.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash: 5fc4e4032f2d2422b3ed9aed5939d32ae61e9da53a8971fbfb8acc36f9c81557

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: br
content-type: application/javascript
age: 21711
status: 200
section-io-cache: Hit
content-length: 70605
last-modified: Tue, 31 Mar 2020 13:52:12 GMT
etag: "56b2ecfcb4fef63e26e80d0c277b1347"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: eab49cc470fe856971ceafe7ff8de6ae
section-origin-responded: true

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 74ms
32ms Script
application/javascript 95.101.177.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.177.202 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-177-202.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ARR/2.5, ASP.NET
Resource Hash: 8b1b658d04b568f6f3e2fb2698ae8c303b9a6b38d4a71d9e86bac63d17fed58f

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
etag: W/"64c3831a526d61:0"
last-modified: Mon, 30 Mar 2020 05:14:35 GMT
server: Microsoft-IIS/8.5
access-control-allow-origin: *
x-powered-by: ARR/2.5, ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=438
accept-ranges: bytes
content-length: 15726

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: LpCsIN+ShXTMru/GQk0d5S9nSceFIOSKjAJ1wvT1ktkVOTviTZoPZ9Yp6rWeYwF7cGp08TciFi27RQ1nimi2Vw==
x-fb-trip-id: 1850256238
date: Tue, 31 Mar 2020 19:58:39 GMT, Tue, 31 Mar 2020 19:58:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2204273.js Show response
js.hs-scripts.com/ 877 B
758 B 621ms
621ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2204273.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa00fc745707cd877bdb8e4c5bf3d90e03ee0ca800581b49fe7be8a0a93808fe

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:40 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
status: 200
access-control-max-age: 3600
content-length: 467
server: cloudflare
x-trace: 2B056620E7E803BACE1CA2DABDE159830EF397177D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://occmed.sanfordhealth.org
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 57cca579fce81756-FRA
expires: Tue, 31 Mar 2020 19:59:40 GMT

GET
H2 200 158452134738346 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 60ms
60ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/158452134738346?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c633e73b261b6b149fbe0a800c49f1a0b05dd617511a128a7d4de026582e16f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /G+bFCtTeZ+jtsE+iMezzVLyG51Tw/jDq2HWjsG9VDe4//RnJnCQ0Yp4v0rbvIBGksVZ6eWjSTlAaLyzFO1eiQ==
x-fb-trip-id: 1850256238
date: Tue, 31 Mar 2020 19:58:39 GMT, Tue, 31 Mar 2020 19:58:39 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 10273 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/ 2 KB
803 B 178ms
130ms XHR
application/octet-stream 95.101.177.202
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/10273
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.101.177.202 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-177-202.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 2097ebf3007389d0b721a6809b085de03c25085a600477255cd04a5cc8d4bf75

Request headers

Referer: https://occmed.sanfordhealth.org/resources
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: FqHtpCzjCinkYxB0v5gJqmRII60yFyqm
content-encoding: gzip
etag: "69cee56121c5b948177804585d271da8"
x-amz-request-id: 9C250FC510BF4646
status: 200
x-amz-replication-status: COMPLETED
content-length: 445
x-amz-id-2: Tnp9I/2pIyU/B3kA5DpAOburxUIEuIkP9ZhkAZKIu6CpxDxFDIbiq3GwBDGxYS/eGrKHukj1QwA=
last-modified: Fri, 09 Aug 2019 14:25:49 GMT
server: ATS/7.1.0
date: Tue, 31 Mar 2020 19:58:39 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=178
accept-ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 44 B
248 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=PageView&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&rl=&if=false&ts=1585684719782&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585684719782.1895028406&it=1585684719696&coo=false&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT, Tue, 31 Mar 2020 19:58:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Mar 2020 19:58:39 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e389279ab8db86a/ 1 KB
694 B 259ms
258ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e389279ab8db86a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c7feac530608af73a120942c820e7a17b4f489356df4b43d0e4c5ab77b29cae0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:40 GMT
content-encoding: gzip
etag: 949821096--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 520

GET
H/1.1 200
OK 019048-00611-web-occmed-training-for-purchase-690x402.jpg
occmed.sanfordhealth.org/-/media/occmed/images/resources/training-for-purchase/ 97 KB
98 KB 415ms
414ms Image
image/jpeg 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/resources/training-for-purchase/019048-00611-web-occmed-training-for-purchase-690x402.jpg?w=690&h=402&hash=9A21B5D790DB43E1134CB1BE8AD18C3969F9DD12

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

66bd096c27fdb2a43d841fd64410ea4d4f1e0e3754ba2888f4bff74e22b4bd65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Fri, 17 Jan 2020 20:12:30 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:40 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Length: 99587
Expires: Tue, 07 Apr 2020 19:58:40 GMT

GET
H/1.1 200
OK 019048-00615-web-occmed-articles-690x402.jpg
occmed.sanfordhealth.org/-/media/occmed/images/resources/article-library/ 123 KB
124 KB 249ms
249ms Image
image/jpeg 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/resources/article-library/019048-00615-web-occmed-articles-690x402.jpg?w=690&h=402&hash=78745DF4C7C6E0876BCE5EC780320A1D42EEAE4A

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1052ca0a5685ca3badc6eb9e947612b913e826b4cdc0a37eb67bcf6cf47e3720

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Fri, 17 Jan 2020 15:17:08 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 31 Mar 2020 19:58:40 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: private, max-age=604800
Content-Length: 126161
Expires: Tue, 07 Apr 2020 19:58:40 GMT

GET
H2 200 17092940.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 79ms
24ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/17092940.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:39 GMT
content-encoding: gzip
age: 30036853
x-cache: HIT
status: 200
content-length: 5672
x-served-by: cache-fra19182-FRA
last-modified: Tue, 16 Apr 2019 18:11:35 GMT
server: Apache
cache-control: max-age=86400
x-timer: S1585684720.985668,VS0,VE0
etag: "43cc-586a9b30b23c0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
expires: Mon, 16 Apr 2029 04:24:25 GMT
x-vimeo-dc: ge
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 227281

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 568A 0
0 98ms
34ms Document
text/html 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1431697.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://occmed.sanfordhealth.org/resources
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://occmed.sanfordhealth.org/resources

Response headers

status: 200
date: Tue, 31 Mar 2020 19:58:40 GMT
content-type: text/html
content-length: 851
last-modified: Mon, 30 Mar 2020 17:18:04 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.122
section-origin-responded: true
age: 41002
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 9ad07f4ad6d18874117e91fab033a27b

GET
H/1.1 200
OK sprites.png
occmed.sanfordhealth.org/Coveo/image/ 63 KB
63 KB 141ms
140ms Image
image/png 13.89.237.102
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/Coveo/image/sprites.png

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/coveo/js/CoveoJsSearch-service.min.js?v=WI_X2w0uYxlC5tSpkNuZzhxJcWScDvD7bRF8Dn4Wb_41

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

13.89.237.102 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b890e426df7d5e88ee8546f7c8a1eae6a931ef0272d1c16ec8ca87bf6f3600ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/Coveo/css/CoveoFullSearch-service.min.css?v=Ab74TxaK2Us9m5zdNFGisL-4ABoPTSD0nPCsz2ntPWk1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Strict-Transport-Security: max-age=300; includeSubDomains
Last-Modified: Thu, 26 Mar 2020 13:18:11 GMT
Server: Microsoft-IIS/8.5
ETag: "a3b7a7ff703d61:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=604800
Date: Tue, 31 Mar 2020 19:58:39 GMT
Accept-Ranges: bytes
Content-Length: 64644

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 321 B
1 KB 142ms
50ms Script
text/html 82.199.68.73
EQUINIX-CONNECT-EMEA

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10273&dispType=js&sync=0&sessionid=2724403902609160812&pageurl=$$https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources$$&activityValues=$$Session%3D8026012088947345506$$&ns=0&rnd=2653506914486965
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (EQUINIX-CONNECT-EMEA, GB),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c0d0faa9dd1bb1ffda03a4336de5fb43ac5cd475fe3fb9cb6c147608a9ab720d

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Tue, 31 Mar 2020 19:58:39 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 249
Expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H/1.1 200
OK view Show response
usageanalytics.coveo.com/rest/v15/analytics/ 101 B
856 B 515ms
170ms Fetch
application/json 52.0.71.65
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.71.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-71-65.compute-1.amazonaws.com

Software

Resource Hash

df35df51c8db1d9a2babb0b2e37a4caa5d032dfb90c545d30bae122551f41988

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Authorization: Bearer xxf7c94658-1444-4b8f-b748-4026331016b7
Referer: https://occmed.sanfordhealth.org/resources
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Tue, 31 Mar 2020 19:58:40 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Vary: Origin
Connection: keep-alive
P3P: CP="-"
Access-Control-Allow-Origin: https://occmed.sanfordhealth.org
Cache-Control: no-cache,no-store,must-revalidate,private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
Content-Type: application/json
Content-Length: 101
X-XSS-Protection: 1; mode=block
Expires: Thu Jan 01 00:00:00 UTC 1970

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 36ms
35ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 31 Mar 2020 19:58:40 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=Microdata&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&rl=&if=false&ts=1585684720285&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Resources%20%7C%20Sanford%20OccMed%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Browse%20our%20occupational%20medicine%20resources%20and%20educational%20materials%20to%20learn%20more%20about%20how%20you%20can%20keep%20your%20workforce%20safe%20and%20healthy.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%3A443%2F-%2Fmedia%2Ffeature%2Fmetadata%2Fsanford-health.jpg%3Fbc%3Dblack%26as%3D0%26h%3D200%26la%3Den%26w%3D382%26hash%3D967EB15D2B379629514EE756E370944D173CC75C%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585684719782.1895028406&it=1585684719696&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 19:58:40 GMT, Tue, 31 Mar 2020 19:58:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 31 Mar 2020 19:58:40 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 378 KB
61 KB 272ms
257ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c1214e59c44f5e5c8df55e450b79c53173ec6d1be075d5586d42aca95cd1c5

Request headers

Referer: https://occmed.sanfordhealth.org/resources
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 19:58:40 GMT
via: 1.1 20579d8c7e6a7d159f211e9ee1d4003c.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-C3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
status: 200
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Mon, 09 Mar 2020 04:08:40 GMT
server: cloudflare
etag: W/"2e38cc0a0ac0df26db1ee131533ec1c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
x-amz-version-id: g.iTr1QYUHTKmLRDHUCic9UdeJCTzz0A
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
cf-ray: 57cca57dfecec277-FRA
x-amz-cf-id: e28pDD9G-Q9z_-m104_1HEeZ1EuuiKYJ8suK3NymEK0Dd2J9bwK-XA==

GET
H2 200 2204273.js Show response
js.hs-analytics.net/analytics/1585684500000/ 84 KB
22 KB 169ms
169ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1585684500000/2204273.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b705f07a530195abd59195b6012ddf44375cde1210eea04cb8ac579a98af3ea

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:40 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 7E85F5F16E2ED2A8
x-amz-server-side-encryption: AES256
status: 200
content-type: text/javascript
x-amz-id-2: 69sS7kbR5HlEJwk1bjC4S02YZwqtgIihxpCshZc/Jqtfc9InWf3IcWXoMPWIESLDSKIcgGX+Xp0=
last-modified: Thu, 12 Mar 2020 15:23:37 GMT
server: cloudflare
etag: W/"6e23c62ea369f366f783c4e29278d623"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 57cca57dd8dec2e5-FRA
expires: Tue, 31 Mar 2020 20:03:40 GMT

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 35ms
35ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-68f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 31 Mar 2020 19:58:40 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
H2 200 / Show response
graph.facebook.com/ 83 B
270 B 54ms
41ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_5uxb0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a6a23210e075e39dc3f3069707ba4840409d390cba4cd6d81c3a06df4eac6c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Tue, 31 Mar 2020 19:58:40 GMT, Tue, 31 Mar 2020 19:58:40 GMT
x-fb-rev: 1001923908
alt-svc: h3-27=":443"; ma=3600
content-length: 83
pragma: no-cache
x-fb-debug: QJwEDdcH8RmOT4XY6T9695U+xyIbE0suE1YDlWn00qJG32u27Q1Jms5jbuYFZ8+8kHvOCc24LBeQMIFwLe5ZOw==
x-fb-trace-id: GBTmGfggBMR
etag: "f33bd692d0bfd3814ce68ed28eb2c867f6cc1a69"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AkymPkGw6_gK8KVIpOTB506
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 82 B
540 B 53ms
40ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=http%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_cjx10

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a1f629d0c88e5ffb4c885173955e487f1374ba42199b15ca36ee0dc74751b88

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=15552000; preload
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
date: Tue, 31 Mar 2020 19:58:40 GMT, Tue, 31 Mar 2020 19:58:40 GMT
x-fb-rev: 1001923908
alt-svc: h3-27=":443"; ma=3600
content-length: 82
pragma: no-cache
x-fb-debug: 4SNmka2etdNSLWGtZPSQ3/tFK4h+h4AD3Ki+l7SQ4DJAZ6MVmbeKWKIRczjszwlHcY8Gnyh+eJjUkCzAoEZNxQ==
x-fb-trace-id: GhYV4uRlaw+
etag: "5372195588fe6cfd77d28ed2f3a0986f62115483"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AHDZYwkx0PNZaKh5Ti4xYF4
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 77 KB
19 KB 264ms
193ms Script
application/javascript 104.17.209.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cYXQO8PQ1Nl14P3&t=1585684720987

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/resources

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ce93eeda1b04d9f8c9b2d87307352b638bc23e39221f371506a5195c1639cfe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 31 Mar 2020 19:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
status: 200
edge-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
etag: W/"13574-eY2XsLD0L8v9kjzjYilCzDCGIcU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 57cca582addc9d0c-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
233 B 24ms
24ms Image
image/gif 2606:4700::6810:fc05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=2204273&pu=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&t=Resources+%7C+Sanford+OccMed&cts=1585684720996&vi=a3cfa7d097e21b27b6d6c611d60879ee&nc=true&u=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&b=239181569.1.1585684720994

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fc05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 31 Mar 2020 19:58:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 57cca5823d99bf14-FRA
content-type: image/gif
content-length: 45
x-robots-tag: none

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=699338009&t=event&ni=1&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&ul=en-us&de=UTF-8&dt=Resources%20%7C%20Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll-depth&ea=percent&el=10&_u=aEDAAEAB~&jid=&gjid=&cid=1981314030.1585684720&tid=UA-17672572-22&_gid=1394718144.1585684720&gtm=2wg3i0PHTXJVD&z=1333480042

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 06:20:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6010662
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=699338009&t=event&ni=1&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&ul=en-us&de=UTF-8&dt=Resources%20%7C%20Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=scroll-depth&ea=percent&el=25&_u=aEHAAEAB~&jid=&gjid=&cid=1981314030.1585684720&tid=UA-17672572-22&_gid=1394718144.1585684720&gtm=2wg3i0PHTXJVD&z=1944202633

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 06:20:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6010662
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
777 B 217ms
199ms XHR
application/json 2606:4700::6810:f905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2204273&utk=a3cfa7d097e21b27b6d6c611d60879ee&__hstc=239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1&__hssc=239181569.1.1585684720994&currentUrl=https%3A%2F%2Foccmed.sanfordhealth.org%2Fresources

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acaaf6150fc3506093f44aa8df3d866c990e43903e009da32dd6e9ea3d044d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://occmed.sanfordhealth.org/resources
Origin: https://occmed.sanfordhealth.org
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 31 Mar 2020 19:58:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-ray: 57cca5826df79ac8-FRA
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://occmed.sanfordhealth.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 77 KB
28 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 28 Mar 2020 09:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 296594
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28924
x-xss-protection: 0
expires: Sun, 28 Mar 2021 09:35:30 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/6/ 143 KB
53 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/6/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 17:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Mar 2020 19:43:31 GMT
server: sffe
age: 526554
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 54062
x-xss-protection: 0
expires: Thu, 25 Mar 2021 17:42:50 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
145 B 60ms
60ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Foccmed.sanfordhealth.org%2Fresources&4sAIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&callback=_xdc_._3uqfl5&key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&token=73539

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/6/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

9dbb3d345f65044b57ca06de49178b2ed31a461f27995b6b4169e381e71f2593

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/resources
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Tue, 31 Mar 2020 19:58:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=46
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sanfordhealth.org/	1970-01-19 08:29:31	Name: _gid Value: GA1.2.1394718144.1585684720
.sanfordhealth.org/	1970-01-20 01:59:16	Name: _ga Value: GA1.2.1981314030.1585684720
occmed.sanfordhealth.org/	1970-01-19 08:28:06	Name: __hssc Value: 239181569.1.1585684720994
occmed.sanfordhealth.org/	1970-01-19 17:49:40	Name: hubspotutk Value: a3cfa7d097e21b27b6d6c611d60879ee
occmed.sanfordhealth.org/	1970-01-19 08:28:06	Name: __atuvs Value: 5e83a0efdf7e45e5000
occmed.sanfordhealth.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.occmed.sanfordhealth.org/	1970-01-19 08:28:04	Name: _gat_UA-17672572-22 Value: 1
occmed.sanfordhealth.org/	1970-01-19 17:58:19	Name: __atuvc Value: 1%7C14
occmed.sanfordhealth.org/	1970-01-19 17:49:40	Name: __hstc Value: 239181569.a3cfa7d097e21b27b6d6c611d60879ee.1585684720994.1585684720994.1585684720994.1
.sanfordhealth.org/	1970-01-19 10:37:40	Name: _fbp Value: fb.1.1585684719782.1895028406
.sanfordhealth.org/	1970-01-19 17:00:43	Name: _hjid Value: ce377766-bf52-423f-8531-8b1fa80bd5cd
occmed.sanfordhealth.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 25434gkd410nppytyxa1bfca
.sanfordhealth.org/	1970-01-19 10:37:40	Name: _gcl_au Value: 1.1.814272248.1585684719
.occmed.sanfordhealth.org/	1970-01-19 08:29:31	Name: _gid Value: GA1.3.1394718144.1585684720
.sanfordhealth.org/	1969-12-31 23:59:59	Name: __coveo.analytics.history Value: [{"name":"PageView","value":"https://occmed.sanfordhealth.org/resources","time":"\"2020-03-31T19:58:39.496Z\"","internalTime":1585684719496}]
.occmed.sanfordhealth.org/	1970-01-20 01:59:16	Name: _ga Value: GA1.3.1981314030.1585684720

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
bs.serving-sys.com
cdn.jsdelivr.net
connect.facebook.net
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
graph.facebook.com
js.hs-analytics.net
js.hs-scripts.com
js.hsleadflows.net
maps.googleapis.com
occmed.sanfordhealth.org
s7.addthis.com
script.hotjar.com
secure-ds.serving-sys.com
static.cloud.coveo.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
usageanalytics.coveo.com
v1.addthisedge.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
z.moatads.com
zncyxqo8pq1nl14p3-sanford.siteintercept.qualtrics.com
104.17.209.240
13.224.194.81
13.89.237.102
147.75.102.239
147.75.33.131
151.101.14.109
23.210.248.44
2606:4700::6810:5714
2606:4700::6810:f905
2606:4700::6810:fc05
2606:4700::6811:44b0
2606:4700::6811:d5cc
2606:4700::6811:e6cc
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:800::200a
2a00:1450:4001:808::2004
2a00:1450:4001:817::200e
2a00:1450:4001:820::2003
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c08::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
52.0.71.65
82.199.68.73
92.122.255.233
95.101.177.202
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068814d6894f554d2bb82ecb849542562db62054c5570ca921a874cb3cbe4859
0c943d40a865e7df780e8ed6a02b8e0147d33ebcd9ca8926927073c84194c71b
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
1052ca0a5685ca3badc6eb9e947612b913e826b4cdc0a37eb67bcf6cf47e3720
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
2097ebf3007389d0b721a6809b085de03c25085a600477255cd04a5cc8d4bf75
267e03b73d1ac6e609b3eeae77b56ff00c1200179d319fc8096351da73c85320
2a1f629d0c88e5ffb4c885173955e487f1374ba42199b15ca36ee0dc74751b88
2c633e73b261b6b149fbe0a800c49f1a0b05dd617511a128a7d4de026582e16f
3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca
414d92d40962f721675cdba0a4cfc0084f04229cc51bdbb70ded9876eeacc099
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fc4e4032f2d2422b3ed9aed5939d32ae61e9da53a8971fbfb8acc36f9c81557
66bd096c27fdb2a43d841fd64410ea4d4f1e0e3754ba2888f4bff74e22b4bd65
67a1c446a4b15a120ef3f91f6bda3a50a877a89785b62c2dc4870e440d9d2a6c
6ee6fe8fdd2e8dc749ae84597219058558561eff30cdc8597414a562c6a91ef2
7b705f07a530195abd59195b6012ddf44375cde1210eea04cb8ac579a98af3ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f27a809fcaf3a77c5de01c43f08cceaa87caafca898ec59c8408368d57d064
886dc536b295c06673f49567f9d48d043e2a34e0b9c5e52e87f668cd22bb4888
8b1b658d04b568f6f3e2fb2698ae8c303b9a6b38d4a71d9e86bac63d17fed58f
9733ef6091f5e357fbfb8b878ab13f98e9fbd61e6de590a411ee0c2306de472e
9dbb3d345f65044b57ca06de49178b2ed31a461f27995b6b4169e381e71f2593
9f4a366ab8f5d167119d9f9f32f082c6f044b75acbed007e0657ba3eefd13a03
a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6a23210e075e39dc3f3069707ba4840409d390cba4cd6d81c3a06df4eac6c82
ab8ceea757a634f5ce5a9ed6f6b4bcdd555869b385d315854e16914a2f5a3bc7
acaaf6150fc3506093f44aa8df3d866c990e43903e009da32dd6e9ea3d044d9f
ae5488ca14a63553b75c3a76150229a55a65267a1de90ede6d50f96a58982d52
b1c1214e59c44f5e5c8df55e450b79c53173ec6d1be075d5586d42aca95cd1c5
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b2f112976466b06600b7bd21c1a6a0ce876d4464e893341ffd1aab6f82023663
b890e426df7d5e88ee8546f7c8a1eae6a931ef0272d1c16ec8ca87bf6f3600ac
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd031c511ae18654a3853dbecf9e9c1cd54e9d47ab8db8b9b667da11ac1f9da1
c0d0faa9dd1bb1ffda03a4336de5fb43ac5cd475fe3fb9cb6c147608a9ab720d
c13bb2f832138d95229bde79bad63173fb94ed0c06e4a480efb7ae52a29b07ff
c7feac530608af73a120942c820e7a17b4f489356df4b43d0e4c5ab77b29cae0
ce93eeda1b04d9f8c9b2d87307352b638bc23e39221f371506a5195c1639cfe6
d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df35df51c8db1d9a2babb0b2e37a4caa5d032dfb90c545d30bae122551f41988
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e2b5677607e4f027d3b5fdfd62bda3a6b3daa7c14f2e689d7760b3ad672c8de3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa00fc745707cd877bdb8e4c5bf3d90e03ee0ca800581b49fe7be8a0a93808fe

occmed.sanfordhealth.org Open in urlscan Pro 13.89.237.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

62 %IPv6

24 Domains

31 Subdomains

27 IPs

7 Countries

2324 kBTransfer

6481 kBSize

16 Cookies

32 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

occmed.sanfordhealth.org Open in urlscan Pro
13.89.237.102 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

27
IPs

7
Countries

2324 kB
Transfer

6481 kB
Size

16
Cookies

59 HTTP transactions
0 data transactions