Submitted URL: https://www2.provisionsgroup.com/e/955473/cover-stabilize-and-transform-/cvd1y/404194135?h=Lv0Lr3uj576JsTFoGRmqd2M5tiBbk-RFL_0ZOL...
Effective URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Submission: On March 08 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 36 HTTP transactions. The main IP is 35.185.209.134, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is provisionsgroup.com.
TLS certificate: Issued by R3 on January 21st 2023. Valid for: 3 months.
This is the only time provisionsgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.54.96.194 14618 (AMAZON-AES)
4 35.185.209.134 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 141.193.213.11 209242 (CLOUDFLAR...)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.232.16.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2600:9000:205... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 34.107.203.234 396982 (GOOGLE-CL...)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 2a03:2880:f17... 32934 (FACEBOOK)
36 18
Apex Domain
Subdomains
Transfer
5 luckyorange.com
tools.luckyorange.com — Cisco Umbrella Rank: 11902
settings.luckyorange.com — Cisco Umbrella Rank: 12088
87 KB
5 typekit.net
p.typekit.net — Cisco Umbrella Rank: 568
use.typekit.net — Cisco Umbrella Rank: 440
123 KB
5 provisionsgroup.com
www2.provisionsgroup.com
provisionsgroup.com
346 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 361
www.linkedin.com — Cisco Umbrella Rank: 564
px4.ads.linkedin.com — Cisco Umbrella Rank: 6058
3 KB
4 wpenginepowered.com
prvgrpprd.wpenginepowered.com
98 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 105
259 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
136 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2425
301 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
145 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 628
394 B
1 t.co
t.co — Cisco Umbrella Rank: 536
377 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813
367 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 704
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 633
15 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4464
2 KB
36 15
Domain Requested by
4 use.typekit.net provisionsgroup.com
4 prvgrpprd.wpenginepowered.com provisionsgroup.com
4 provisionsgroup.com provisionsgroup.com
3 tools.luckyorange.com www.googletagmanager.com
tools.luckyorange.com
2 www.facebook.com provisionsgroup.com
2 settings.luckyorange.com tools.luckyorange.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net provisionsgroup.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com provisionsgroup.com
1 analytics.twitter.com provisionsgroup.com
1 t.co provisionsgroup.com
1 px4.ads.linkedin.com provisionsgroup.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 ws.zoominfo.com provisionsgroup.com
1 p.typekit.net provisionsgroup.com
1 www2.provisionsgroup.com 1 redirects
36 20
Subject | Issuer | Validity | Valid
provisionsgroup.com | R3 | 2023-01-21 - 2023-04-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-20 - 2023-05-15 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-18 - 2023-04-18 | a year
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
zoominfo.com | Cloudflare Inc ECC CA-3 | 2022-05-04 - 2023-05-04 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-15 | 2 months
luckyorange.com | Amazon RSA 2048 M01 | 2023-02-27 - 2024-01-16 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-06 | 5 months
settings.luckyorange.com | R3 | 2022-12-30 - 2023-03-30 | 3 months
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year

This page contains 4 frames:

Primary Page: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Frame ID: 33108E83DDEAD92AB0ED730AD9EFD23C
Requests: 32 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=cd79b92
Frame ID: D7861CB259599E6B8C6F9946AC50A37F
Requests: 3 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=cd79b92
Frame ID: 3C8010D30F7EFDB7A32D02C6FEE3C47C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7B9D54508C83EC5F2E97B16470CBCFE6
Requests: 2 HTTP requests in this frame

Page Title

HLTH 2022 Takeaways Part One: Recover, Stabilize, and… Transform? - Provisions Group

Page URL History

  1. https://www2.provisionsgroup.com/e/955473/cover-stabilize-and-transform-/cvd1y/404194135?h=Lv0Lr3uj576JsTFoGR... HTTP 301
    https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

Requests: 36
HTTPS: 89 %
IPv6: 58 %
Domains: 15
Subdomains: 20
IPs: 18
Countries: 3
Transfer: 959 kB
Size: 2937 kB
Cookies: 18

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www2.provisionsgroup.com/e/955473/cover-stabilize-and-transform-/cvd1y/404194135?h=Lv0Lr3uj576JsTFoGRmqd2M5tiBbk-RFL_0ZOLypvO8 HTTP 301
    https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4109257%26time%3D1678262635528%26url%3Dhttps%253A%252F%252Fprovisionsgroup.com%252Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true&e_ipv6=AQIuYmQPVrLQ9AAAAYbAP45tZZgqSS6G-LmX4TJyd7fa2VCU9kU6RU6L0U9Rwbq2xunAzUBK

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Redirect Chain
  • https://www2.provisionsgroup.com/e/955473/cover-stabilize-and-transform-/cvd1y/404194135?h=Lv0Lr3uj576JsTFoGRmqd2M5tiBbk-RFL_0ZOLypvO8
  • https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
84 KB
19 KB
Document
General
Full URL
https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
cc5546d72d2cf9822f86fbb0b0b93d8fb73d587fae55034e81da5b55122749c5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 08 Mar 2023 08:03:54 GMT
link
<https://provisionsgroup.com/wp-json/>; rel="https://api.w.org/" <https://provisionsgroup.com/wp-json/wp/v2/posts/4162>; rel="alternate"; type="application/json" <https://provisionsgroup.com/?p=4162>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 10
x-cache-group
normal
x-cacheable
SHORT
x-frame-options
SAMEORIGIN
x-pingback
https://provisionsgroup.com/xmlrpc.php
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
144
Content-Type
text/html; charset=UTF-8
Date
Wed, 08 Mar 2023 08:03:53 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Fri, 07 Mar 2025 08:03:53 GMT
location
https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
d7b40e602730e3a6b8ccf9f96a43e137.css
provisionsgroup.com/wp-content/cache/min/1/
749 KB
88 KB
Stylesheet
General
Full URL
https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
992991aadc4ce70c822847337207749510464a18990c9fcd7c6a0a431a0964cb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:54 GMT
content-encoding
br
last-modified
Tue, 07 Mar 2023 20:11:09 GMT
server
nginx
etag
W/"64079a5d-bb5ae"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/
220 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6a806627b26cdab21ef528a3b8ac7674bc3b5b5167aec179f1a9f79a9ac3deb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78813
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Mar 2023 08:03:54 GMT
i18n.min.js
prvgrpprd.wpenginepowered.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 19:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
101916
etag
W/"632e0f32-27f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZWMkPeVVTsBRIaREURKNMxa11cnV6YKBfijG7kyo9tVUgotYNNwSX5xaCw7C1l3Uf2Q8VzkDnrwBlIUeo1CGao1XpIBemBebhE9%2F%2Bx7hvuykBimGzM33a2RnGgP6cZBh1qX%2BABqW%2BL%2FJf4SSylj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a49907b398a9293-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazyload.min.js
prvgrpprd.wpenginepowered.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Feb 2023 22:52:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
101917
etag
W/"63ec10b7-2063"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMnB6cxyP6XeuT%2FXUNLtdEEmpLHcZxsTZeLoAzDT6JNm3yYSchspX30NwJBBFpCpVbHIExIwAG5Ze5tCCQoT7mkxHMpswzwsl7imTQhW9Gtyxa%2BCLvZS6B8m8OeRdnvQslq75HzIsucIaf8%2BgGkI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a49907d2af69293-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
d4986575c9714544b33720319ec07718.js
provisionsgroup.com/wp-content/cache/min/1/
514 KB
138 KB
Script
General
Full URL
https://provisionsgroup.com/wp-content/cache/min/1/d4986575c9714544b33720319ec07718.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7db5e1fcd14f7a49cefe7a8a187532b99b64621c9a8c81c6000b531d25407325
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:54 GMT
content-encoding
br
last-modified
Tue, 07 Mar 2023 20:11:09 GMT
server
nginx
etag
W/"64079a5d-80632"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=swz6prv&ht=tk&f=139.140.175.176&a=697053&app=typekit&e=css
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:4832 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
last-modified
Sun, 01 May 2022 15:58:42 GMT
server
nginx
etag
"626eae32-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9MYHBDCMJ2&gtm=45je3360&_p=944893098&gdid=dZTNiMT&cid=1833311435.1678262635&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678262635&sct=1&seg=0&dl=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&dt=HLTH%202022%20Takeaways%20Part%20One%3A%20Recover%2C%20Stabilize%2C%20and%E2%80%A6%20Transform%3F%20-%20Provisions%20Group&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Mar 2023 08:03:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provisionsgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
185 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6708187209de1efbf38849abddcfd67efae9e6ba889f64c5f7fca344d120e0c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69270
x-xss-protection
0
last-modified
Wed, 08 Mar 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Mar 2023 08:03:55 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7690da7ff64e2d6d83d50e84555271de796dc87c9f079283487cff53274eedf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/
29 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
server
nginx
etag
"6aeae62b893768150f3460329dc461358e8ab2f5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29820
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d202eab777e0b1d47771966e196a7456c4ec209b5289c43a84ca203fc3297ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26cea47ccefbfba5e147b13e3654d20c6dd820743159fdb5e0c340aeb8fcc2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/
30 KB
30 KB
Font
General
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
server
nginx
etag
"09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30704
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
server
nginx
etag
"45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31620
l
use.typekit.net/af/4de20a/00000000000000007735e604/30/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
server
nginx
etag
"59a4b2c03f9b7609599aab6c503269f21dd7d06e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32312
zRMKt2telQiSTK6AQpsl
ws.zoominfo.com/pixel/
2 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/zRMKt2telQiSTK6AQpsl
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d4986575c9714544b33720319ec07718.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
66a70cf711580febaff5450d777afef36b29e14b65f6233ea27ada10bfde433a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7a49907f09af3687-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-icons.woff2
provisionsgroup.com/wp-content/themes/pg-marketing-theme/css/fonts/
100 KB
100 KB
Font
General
Full URL
https://provisionsgroup.com/wp-content/themes/pg-marketing-theme/css/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://provisionsgroup.com/wp-content/cache/min/1/d7b40e602730e3a6b8ccf9f96a43e137.css
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
last-modified
Thu, 02 Mar 2023 15:33:46 GMT
server
nginx
etag
"6400c1da-19088"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
102536
provisions-group-logo.png
prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/03/
7 KB
7 KB
Image
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/03/provisions-group-logo.png
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fbf8701a7f2f5cb56ffe4cd2f2fa6564709f933ba5286d4ed31e524253b79f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
167411
cf-polished
origFmt=png, origSize=16193
content-disposition
inline; filename="provisions-group-logo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6872
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Apr 2022 19:36:39 GMT
server
cloudflare
etag
"62475447-3f41"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeWyozohAO1yrrMavAZK92kVlpr4kNe3AD54gN%2BvWDmSYgc6lTfh062HiNkcs3nryCm0NIF2XIhn%2Bo4KIWAdJ4MijlemmaV6VllnWimW6JlcnD0XUc41cxBPNlNaq4z97BQL355QbKe6FDzv95Xz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a49907f4c3e360f-FRA
EricThrailkill-Article-Thumbnail1-L1hc-768x768.jpg
prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/12/
83 KB
83 KB
Image
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/12/EricThrailkill-Article-Thumbnail1-L1hc-768x768.jpg
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa113b4777ef3a6c8bfcc374b646abc9fa5a46a4151e573efe279aea49260e6b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
84753
last-modified
Tue, 13 Dec 2022 15:07:28 GMT
server
cloudflare
etag
"63989530-14b11"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mleMunc97WuxO8dc9k3oaqbsU9fLkImg26z6wgVfHwvYvdbTLtBowirOxOw4xJ9gedkdWu6exOzoA%2B0TDUfGlgorZLUHcrvju8b4kt90%2BQNhpcbOyws9AaoXW29RVR2OCCFn0aryeyaKfWxRtMhj"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a49907f4c40360f-FRA
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-vie6342-VIE
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=73758
accept-ranges
bytes
content-length
4777
fbevents.js
connect.facebook.net/en_US/
107 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Mar 2023 08:03:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
K800vQXWfYQARX0wlXLlL3clpqG4vHKRBvnZ+kO839UHDqqsbu3TpBtYQ0VfApopbxBiPNm2WwqJFimAB5npqQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
lo.js
tools.luckyorange.com/core/
11 KB
5 KB
Script
General
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98c8a5f102745e7786651b7b0a4efe64f94bac4a0b84d3bd8d04bb81f3790e06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 07:48:37 GMT
content-encoding
gzip
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 18:48:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
919
etag
"92348ac7e2644c515ebd0fd597e3823e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
content-length
4324
x-amz-cf-id
8owMBSWa_8QzYjGG7lZoRwf81v5cgWEUog69sHeGMQ3z_pqSh2wlTQ==
563413597391239
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/563413597391239?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3f0cc8e1eb01034143e23c7ea2e97f6d3af7994e3934504e99b56a68b1106a4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Mar 2023 08:03:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
N0irI6i1ioCTD3/CPYvUwRjxpc5iCFfKV6Wgo59VxZwS0Iug86Du/lRx4cCg5GnIG/IdCmLzuNll4mH4bxz5Nw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4109257/domain/provisionsgroup.com/
36 B
367 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4109257/domain/provisionsgroup.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
gzip
via
1.1 e0efba8a72628bfc3dc6d4d637b28302.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
dlBqt3Jvm4R55r3K15n-Fmq0l53SUdWr5FNERr8hfbnph2rarDuI5A==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4109257%26time%3D1678262635528%26url%3Dhttps%253A%252F%252Fprovisionsgroup.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true&e_...
0
266 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true&e_ipv6=AQIuYmQPVrLQ9AAAAYbAP45tZZgqSS6G-LmX4TJyd7fa2VCU9kU6RU6L0U9Rwbq2xunAzUBK
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B308DE83777D49F9B951DF46849BA844 Ref B: FRAEDGE1207 Ref C: 2023-03-08T08:03:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2XvhHSc6MMQ4sMU48kA==

Redirect headers

date
Wed, 08 Mar 2023 08:03:55 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7FEB85F2881540C486EF0735F330FCA8 Ref B: FRAEDGE1215 Ref C: 2023-03-08T08:03:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1678262635528&url=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&liSync=true&e_ipv6=AQIuYmQPVrLQ9AAAAYbAP45tZZgqSS6G-LmX4TJyd7fa2VCU9kU6RU6L0U9Rwbq2xunAzUBK
x-li-proto
http/2
content-length
0
x-li-uuid
AAX2XvhEQ+QwOUQ2257mnA==
c6a7ff2f
settings.luckyorange.com/
4 KB
2 KB
Fetch
General
Full URL
https://settings.luckyorange.com/c6a7ff2f
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
5d4ec4d045121ff396683e5a7a707d11ce285b76ba1de3dcf5aa9302ac590829

Request headers

Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-lucky-referrer

Response headers

date
Wed, 08 Mar 2023 08:03:55 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://provisionsgroup.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c6a7ff2f
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://provisionsgroup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://provisionsgroup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 08 Mar 2023 08:03:55 GMT
via
1.1 google
adsct
t.co/i/
43 B
377 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=f6c0ea0e-c990-4100-8867-ed50fbca1083&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2690ecf8-58df-47b0-b21a-236acd0afdd7&tw_document_href=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcxi&type=javascript&version=2.3.29
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
110
date
Wed, 08 Mar 2023 08:03:55 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
957219a0cea06e0b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e75d991da06e663dfdf7141cf1200d99f4a04718e18b436c7193d1f8ef32f89b
content-length
43
adsct
analytics.twitter.com/i/
43 B
394 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f6c0ea0e-c990-4100-8867-ed50fbca1083&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=2690ecf8-58df-47b0-b21a-236acd0afdd7&tw_document_href=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcxi&type=javascript&version=2.3.29
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
111
date
Wed, 08 Mar 2023 08:03:54 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
8b10f7ae9137becc
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
c5b43041970b21e5758617baaa7cf02de872b83a4bfc29c36116d973fb2c36b5
content-length
43
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=563413597391239&ev=PageView&dl=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&rl=&if=false&ts=1678262635637&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678262635636.512219886&it=1678262635520&coo=false&rqm=GET
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 Mar 2023 08:03:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
core.js
tools.luckyorange.com/core/ Frame D786
205 KB
63 KB
Script
General
Full URL
https://tools.luckyorange.com/core/core.js?v=cd79b92
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9558ebf11e706a8a7866f500f390dd49cf3f42949cf581bfae441b3ff0bdd302

Request headers

Referer
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 22:39:59 GMT
content-encoding
gzip
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
33838
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63463
last-modified
Tue, 07 Mar 2023 18:48:11 GMT
server
AmazonS3
etag
"a5e86208a8f69882f408eff1536a47eb"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
z02JASK1wriqpb2sUdGVZMh806LCVttWBJ7Sxx-QCKbxCorA6_GX_A==
frame.js
tools.luckyorange.com/core/ Frame 3C80
57 KB
18 KB
Script
General
Full URL
https://tools.luckyorange.com/core/frame.js?v=cd79b92
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=cd79b92
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f71700022663d25eb8f5e0e680d5de8a2a6d9f4986f186dd2586fa58d4428b5

Request headers

Referer
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 08:03:57 GMT
content-encoding
gzip
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
18395
last-modified
Tue, 07 Mar 2023 18:48:11 GMT
server
AmazonS3
etag
"8f3d870266a53f7be34fa3c5a388531e"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
c9Ci-xAXakLbAfbDXoFDuWlZGt33-ecBktNtqBFzNj_ESpR0SF6X5g==
frame.js
tools.luckyorange.com/core/ Frame 7B9D
0
0

/
www.facebook.com/tr/ Frame 7B9D
0
74 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://provisionsgroup.com
Referer
https://provisionsgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://provisionsgroup.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 08 Mar 2023 08:03:56 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
73be37c2-a0cd-48b2-8e4d-b0216c2e4bec
https://provisionsgroup.com/ Frame D786
0
0
Other
General
Full URL
blob:https://provisionsgroup.com/73be37c2-a0cd-48b2-8e4d-b0216c2e4bec
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length
0
Content-Type
d397711f-f0f7-4639-91ab-7ee576174171
https://provisionsgroup.com/ Frame D786
22 KB
0
Other
General
Full URL
blob:https://provisionsgroup.com/d397711f-f0f7-4639-91ab-7ee576174171
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/hlth-2022-takeaways-part-one-recover-stabilize-and-transform/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facdb180b697f86f717823c9b0690f55f4792754d6df3bfe356624240d9a0253

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length
22873
Content-Type
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9MYHBDCMJ2&gtm=45je3360&_p=944893098&gdid=dZTNiMT&cid=1833311435.1678262635&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1678262635&sct=1&seg=0&dl=https%3A%2F%2Fprovisionsgroup.com%2Fhlth-2022-takeaways-part-one-recover-stabilize-and-transform%2F&dt=HLTH%202022%20Takeaways%20Part%20One%3A%20Recover%2C%20Stabilize%2C%20and%E2%80%A6%20Transform%3F%20-%20Provisions%20Group&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 08 Mar 2023 08:04:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provisionsgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tools.luckyorange.com
URL
https://tools.luckyorange.com/core/frame.js?v=cd79b92

Verdicts & Comments

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| gform object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| pg_ajax function| sprintf function| vsprintf object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_global object| gf_legacy object| gform_theme_config object| lazyLoadOptions object| bb_powerpack object| runtime function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile undefined| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden undefined| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| 
gformInitChosenFields function| gformInitCurrencyFormatFields undefined| GFMergeTag undefined| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformInitializeSpinner function| gformRemoveSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input undefined| rgars undefined| rgar object| __core-js_shared__ object| core object| wpo365 undefined| $ function| jQuery number| uidEvent object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| LazyLoad object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| twq string| _linkedin_data_partner_id function| fbq function| _fbq function| lintrk boolean| _already_called_lintrk object| ziws object| LO object| twttr object| LOQ object| _loq

18 Cookies


Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
