occmed.sanfordhealth.org Open in urlscan Pro
2620:1ec:bdf::13 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://occmed.sanfordhealth.org/
Submission: On February 10 via api (February 10th 2021, 10:27:40 pm UTC) from US

Summary HTTP 62 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 21 domains to perform 62 HTTP transactions. The main IP is 2620:1ec:bdf::13, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is occmed.sanfordhealth.org.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on April 21st 2020. Valid for: 2 years.

This is the only time occmed.sanfordhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	2620:1ec:bdf::13 2620:1ec:bdf::13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	65.9.69.59 65.9.69.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	52.44.229.3 52.44.229.3	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	184.31.90.174 184.31.90.174	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	13.224.196.103 13.224.196.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	65.9.69.78 65.9.69.78	16509 (AMAZON-02) (AMAZON-02)
1	52.18.148.102 52.18.148.102	16509 (AMAZON-02) (AMAZON-02)
1	82.199.68.73 82.199.68.73	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
62	28

17 2620:1ec:bdf::13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

occmed.sanfordhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.59 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.cloud.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.229.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-229-3.compute-1.amazonaws.com

usageanalytics.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

10059646.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.31.90.174 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-31-90-174.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.103 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-103.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.78 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-102.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.199.68.73 (Netherlands)

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	sanfordhealth.org occmed.sanfordhealth.org	1 MB
5	googleapis.com fonts.googleapis.com maps.googleapis.com	125 KB
4	facebook.com www.facebook.com	608 B
4	google-analytics.com www.google-analytics.com	19 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	61 KB
4	gstatic.com fonts.gstatic.com	36 KB
3	facebook.net connect.facebook.net	164 KB
3	serving-sys.com secure-ds.serving-sys.com bs.serving-sys.com	17 KB
3	doubleclick.net 1 redirects 10059646.fls.doubleclick.net stats.g.doubleclick.net	789 B
3	coveo.com static.cloud.coveo.com usageanalytics.coveo.com	9 KB
2	hubspot.com track.hubspot.com forms.hubspot.com	1 KB
2	bing.com bat.bing.com	9 KB
1	hsleadflows.net js.hsleadflows.net	76 KB
1	hs-banner.com js.hs-banner.com	13 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	107 B
1	hs-scripts.com js.hs-scripts.com	734 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
62	21

	Domain	Requested by
17	occmed.sanfordhealth.org	occmed.sanfordhealth.org
4	www.facebook.com	occmed.sanfordhealth.org
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	fonts.gstatic.com	fonts.googleapis.com
4	maps.googleapis.com	occmed.sanfordhealth.org maps.googleapis.com
3	connect.facebook.net	occmed.sanfordhealth.org connect.facebook.net
2	secure-ds.serving-sys.com	www.googletagmanager.com secure-ds.serving-sys.com
2	10059646.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.com	www.googletagmanager.com occmed.sanfordhealth.org
2	usageanalytics.coveo.com	static.cloud.coveo.com
1	forms.hubspot.com	js.hsleadflows.net
1	track.hubspot.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	extend.vimeocdn.com	www.googletagmanager.com
1	www.google.de	occmed.sanfordhealth.org
1	www.google.com	occmed.sanfordhealth.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	js.hs-scripts.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.jsdelivr.net	occmed.sanfordhealth.org
1	www.googletagmanager.com	occmed.sanfordhealth.org
1	static.cloud.coveo.com	occmed.sanfordhealth.org
1	fonts.googleapis.com	occmed.sanfordhealth.org
62	29

This site contains links to these domains. Also see Links.

Domain
www.sanfordhealth.org
www.mysanfordchart.org
systoc.sanfordhealth.org
app.globalsafetynetwork.com
sanfordhealth.formstack.com
news.sanfordhealth.org

Subject Issuer	Validity	Valid
www.sanfordhealth.org GeoTrust EV RSA CA 2018	`2020-04-21` - `2022-05-19`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.cloud.coveo.com Go Daddy Secure Certificate Authority - G2	`2019-08-06` - `2021-08-06`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.coveo.com Go Daddy Secure Certificate Authority - G2	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2020-01-03` - `2021-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
bs.serving-sys.com Go Daddy Secure Certificate Authority - G2	`2020-01-07` - `2022-03-08`	2 years	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://occmed.sanfordhealth.org/
Frame ID: 82D52DA9C0E31925E0F8A5A795C97667
Requests: 59 HTTP requests in this frame

Frame: https://10059646.fls.doubleclick.net/activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F
Frame ID: 4F29A780A0FE72247AF5E6B3D5B30E16
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 413492A19F389A0B487C2F360B65ADA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

62
Requests

100 %
HTTPS

64 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

2138 kB
Transfer

6028 kB
Size

18
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sanfordhealth.org/conditions-diseases/coronavirus-disease-2019-covid-19?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Coronavirus (COVID-19) Information

Search URL Search Domain Scan URL

URL: https://www.mysanfordchart.org/mychart/
Title: sign in

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/alerts-and-announcements?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: visitor restrictions

Search URL Search Domain Scan URL

URL: https://systoc.sanfordhealth.org/isystoc/login.aspx
Title: Web-Based Reporting Login

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/patients-and-visitors/billing-and-insurance/pay-your-bill?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Pay Your Bill

Search URL Search Domain Scan URL

URL: https://app.globalsafetynetwork.com/
Title: Background Screen Login

Search URL Search Domain Scan URL

URL: https://sanfordhealth.formstack.com/forms/clearinghouse_reporting
Title: Complete the Form

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/workplace/workplace-air-quality/?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Learn About Air Quality

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/workplace/minimizing-hearing-loss-on-and-off-the-jobsite/?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Learn About Hearing Loss

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/workplace/minimizing-workplace-health-hazards/?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Read About Health Hazards

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-occupational-medicine-clinic-bemidji?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Bemidji, MN

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-occupational-medicine-clinic-bismarck?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Bismarck, ND

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-occupational-medicine-clinic-dickinson?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Dickinson, ND

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-625-demers-ave-clinic?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: East Grand Forks, MN

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-occupational-medicine-clinic-fargo?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Fargo, ND

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/locations/sanford-health-occupational-medicine-clinic-sioux-falls?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Sioux Falls, SD

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/doctors?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718#f:_4C50B884-BF28-483D-8DB5-7F44F1CCAB34=[Occupational%20Medicine]&address={{addresstoken}}
Title: Our Doctors

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Sanford Health Website

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/terms-and-conditions?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.sanfordhealth.org/privacy-statement?__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&__hsfp=2978788718
Title: Privacy Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://10059646.fls.doubleclick.net/activityi;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F HTTP 302
https://10059646.fls.doubleclick.net/activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
occmed.sanfordhealth.org/ 39 KB
39 KB 410ms
247ms Document
text/html 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

fe127c677079921475ea0b3a2811c1ab05f142872a62379719475755483ff52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: occmed.sanfordhealth.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: private
content-length: 39910
content-type: text/html; charset=utf-8
server: Microsoft-IIS/8.5
set-cookie: ASP.NET_SessionId=pzjshpxojusqz4xy34ykt5ua; path=/; HttpOnly; SameSite=Lax
x-cache: TCP_MISS
x-xcachep2c-originurl: https://20.37.137.31:443/
x-xcachep2c-originip: 20.37.137.31
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=300; includeSubDomains
x-azure-ref-originshield: 0yl0kYAAAAACG6CeMMi6ZTpxOZVIIeZr/TE9OMjFFREdFMTUwNwBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-azure-ref: 0yl0kYAAAAACOT0isA+ONSaySP3FG6anWRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
date: Wed, 10 Feb 2021 22:27:22 GMT

GET
H2 200 sanford-service.min.css
occmed.sanfordhealth.org/styles/ 248 KB
39 KB 12ms
11ms Stylesheet
text/css 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/styles/sanford-service.min.css?v=2-ClYuGe0Yvq3Cq-pgy7t4pvcChIqHb0VBT5PDKNLQ81

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

fdf06229fbb44284cebf3f80d01962ea1dc1b9d39ab2449b94879c3e4358eae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
last-modified: Wed, 10 Feb 2021 21:20:14 GMT
server: Microsoft-IIS/8.5
cache-control: public
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAABPWf/KVBKnRK46DdQRRFOJRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0Dk4kYAAAAAAC/0dOMtVPSqRCEXClrQdfTE9OMjFFREdFMDEwNgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/styles/sanford-service.min.css?v=2-ClYuGe0Yvq3Cq-pgy7t4pvcChIqHb0VBT5PDKNLQ81
expires: Thu, 10 Feb 2022 21:20:14 GMT

GET
H2 200 sanford-service-head.min.js Show response
occmed.sanfordhealth.org/Scripts/ 13 KB
5 KB 14ms
13ms Script
text/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Scripts/sanford-service-head.min.js?v=JV_fZUizqVoEUe5xjzTZbndDU0VA7YfQAt3GYxBWnEA1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

0c943d40a865e7df780e8ed6a02b8e0147d33ebcd9ca8926927073c84194c71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
last-modified: Wed, 10 Feb 2021 21:20:14 GMT
server: Microsoft-IIS/8.5
cache-control: public
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAADPh6q4o1BASJ0esd8pYW1mRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0Dk4kYAAAAAC61yj5pPhuTauDXCKvrCUYTE9OMjFFREdFMTUxOABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/Scripts/sanford-service-head.min.js?v=JV_fZUizqVoEUe5xjzTZbndDU0VA7YfQAt3GYxBWnEA1
expires: Thu, 10 Feb 2022 21:20:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
922 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9d5f013cf604f1d80e71bcfe55fae3fc7c8a065df8e12ffa7088cd42825c0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 22:27:23 GMT
server: ESF
date: Wed, 10 Feb 2021 22:27:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Feb 2021 22:27:23 GMT

GET
H2 200 coveoua.js Show response
static.cloud.coveo.com/coveo.analytics.js/ 31 KB
8 KB 54ms
14ms Script
application/javascript 65.9.69.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js
Requested by: Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 09 Feb 2018 20:37:46 GMT
server: AmazonS3
age: 85370
etag: W/"7d3657d1b0dc810784fc68dd61ac0372"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
date: Tue, 09 Feb 2021 22:44:34 GMT
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: uyhYCpipqhhwmfP9VdxhZhVHmsY2ApqTwD5Xp-Mgylw-ujNX0n2YCw==

GET
H2 200 occ-med-2c.png
occmed.sanfordhealth.org/-/media/occmed/images/ 11 KB
11 KB 613ms
608ms Image
image/png 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/occ-med-2c.png?w=174&h=72&hash=9A3003400FDEEAC2B51052F5BB8E52B563A1628A

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Tue, 24 Dec 2019 16:23:31 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:23 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/png
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAABhlTQfmTGSSKQlNGSTskEVRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAACxC15KfEzKQJjhB743FESPTE9OMjFFREdFMDIxMgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/occ-med-2c.png?w=174&h=72&hash=9A3003400FDEEAC2B51052F5BB8E52B563A1628A
content-length: 11087
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 CoveoFullSearch-service.min.css
occmed.sanfordhealth.org/Coveo/css/ 280 KB
29 KB 15ms
14ms Stylesheet
text/css 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Coveo/css/CoveoFullSearch-service.min.css?v=5I7LakISvur_8wHZ2NYk2II3Z1WYVZ33mnlq4df75Lc1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b1821bb21cda6e30665e5e9dbf74ff9286dae40012f016f744d10835d0e41937

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
last-modified: Wed, 10 Feb 2021 21:20:15 GMT
server: Microsoft-IIS/8.5
cache-control: public
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAADcuJ5yNsRdS79BnQBY/HoMRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0D04kYAAAAABoUZU5O5mATazpIBoBRU8PTE9OMjFFREdFMTUwOQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/Coveo/css/CoveoFullSearch-service.min.css?v=5I7LakISvur_8wHZ2NYk2II3Z1WYVZ33mnlq4df75Lc1
expires: Thu, 10 Feb 2022 21:20:15 GMT

GET
H2 200 CoveoJsSearch-service.min.js Show response
occmed.sanfordhealth.org/coveo/js/ 2 MB
352 KB 14ms
13ms Script
text/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/coveo/js/CoveoJsSearch-service.min.js?v=WI_X2w0uYxlC5tSpkNuZzhxJcWScDvD7bRF8Dn4Wb_41

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

84f27a809fcaf3a77c5de01c43f08cceaa87caafca898ec59c8408368d57d064

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
last-modified: Wed, 10 Feb 2021 21:20:16 GMT
server: Microsoft-IIS/8.5
cache-control: public
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAAD291I52feqR6VRkOSL7Dw/RlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0D04kYAAAAAB2EULqDnOXSJZruHtoHBvrTE9OMjFFREdFMDIxMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/coveo/js/CoveoJsSearch-service.min.js?v=WI_X2w0uYxlC5tSpkNuZzhxJcWScDvD7bRF8Dn4Wb_41
expires: Thu, 10 Feb 2022 21:20:16 GMT

GET
H2 200 en.js Show response
occmed.sanfordhealth.org/Coveo/js/cultures/ 44 KB
7 KB 16ms
16ms Script
application/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Coveo/js/cultures/en.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

267e03b73d1ac6e609b3eeae77b56ff00c1200179d319fc8096351da73c85320

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
last-modified: Wed, 15 May 2019 18:21:04 GMT
server: Microsoft-IIS/8.5
cache-control: max-age=604800
etag: "028cff44abd51:0"
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: application/javascript
x-xcachep2c-originip: 20.37.137.31
date: Wed, 10 Feb 2021 22:27:22 GMT
x-azure-ref: 0y10kYAAAAADeYRZZ5wf2T56BY9Q3sL8JRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0D04kYAAAAAAxoTsBL6+HRo0/d93cJQHPTE9OMjFFREdFMDIxNgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
accept-ranges: bytes
x-xcachep2c-originurl: https://20.37.137.31:443/Coveo/js/cultures/en.js

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 189 KB
53 KB 37ms
32ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49bc21862c796727ff354df8271437eaf933cc7015235b496912bb0c7a9baf10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54574
x-xss-protection: 0
last-modified: Wed, 10 Feb 2021 22:09:50 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Feb 2021 22:27:23 GMT

GET
H2 200 019037-00221-web-covid-19-facts-over-fear-690x402.jpg
occmed.sanfordhealth.org/-/media/occmed/images/resources/article-library/articles/ 51 KB
51 KB 190ms
187ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/resources/article-library/articles/019037-00221-web-covid-19-facts-over-fear-690x402.jpg?h=402&la=en&w=690&hash=C008DA2905810D672346EF688362F81F7DB79097

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

22f8265b3ebc3a0ad97953346561df4b69b09dc02fbb382870b2268ef3070287

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Thu, 19 Mar 2020 15:54:41 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAAD03h6JYaArS4XhDE+G1UomRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAAD0pgELQxG3SbLehLCkwya9TE9OMjFFREdFMDExMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/resources/article-library/articles/019037-00221-web-covid-19-facts-over-fear-690x402.jpg?h=402&la=en&w=690&hash=C008DA2905810D672346EF688362F81F7DB79097
content-length: 52272
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 019048-00647-web-occmed-homepage-slider-690x402_3.jpg
occmed.sanfordhealth.org/-/media/occmed/images/homepage/ 127 KB
127 KB 315ms
312ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_3.jpg?h=402&la=en&w=690&hash=212CFE763F98C44A70E65B435B08CD6B95F21AFA

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4e7dcbd06255d824d497fee6d477f0e5e03017f01dd015ddf14eae5a167eb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 22 Jan 2020 20:12:43 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAAA+dX04thRlR4s3K7J7eaVIRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAADzP04mC1aYSYBarDNLCw9+TE9OMjFFREdFMTUwNgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_3.jpg?h=402&la=en&w=690&hash=212CFE763F98C44A70E65B435B08CD6B95F21AFA
content-length: 129794
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 019048-00647-web-occmed-homepage-slider-690x402_2.jpg
occmed.sanfordhealth.org/-/media/occmed/images/homepage/ 76 KB
76 KB 393ms
390ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_2.jpg?h=402&la=en&w=690&hash=DA9FE256623DB9B88E771A1D07BB6E9019A0E39A

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

9d1307ffbb4f2b4ca156a955d6ed68558565d34fb7331f03786c4fc841dc369c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 22 Jan 2020 20:12:42 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:23 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAAC0THze7abpQYTZIaML153ERlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAAD1HD9MjPDhToJJv7eD7IGtTE9OMjFFREdFMDExNQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_2.jpg?h=402&la=en&w=690&hash=DA9FE256623DB9B88E771A1D07BB6E9019A0E39A
content-length: 77409
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 019048-00647-web-occmed-homepage-slider-690x402_1.jpg
occmed.sanfordhealth.org/-/media/occmed/images/homepage/ 73 KB
73 KB 179ms
175ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_1.jpg?h=402&la=en&w=690&hash=B56EB51B227B95FFE1F1EFB4C51E4A13A78C83CD

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

8e1827fe7203025ffc1b2d499137bfead572542d1643c5987168c45e4175aef0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 22 Jan 2020 20:12:41 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAADGz/7zIZBDSa3qFjWaXo2YRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAAAV3+NurwZMRIbE32IjjT/QTE9OMjFFREdFMDIxNgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/homepage/019048-00647-web-occmed-homepage-slider-690x402_1.jpg?h=402&la=en&w=690&hash=B56EB51B227B95FFE1F1EFB4C51E4A13A78C83CD
content-length: 74389
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 019048-00646-web-occmed-homepage-690x402.jpg
occmed.sanfordhealth.org/-/media/occmed/images/homepage/ 87 KB
87 KB 286ms
281ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/homepage/019048-00646-web-occmed-homepage-690x402.jpg?h=402&la=en&w=690&hash=6551638F15F405F6269267EA1349F38B433E115E

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

35f645d019b01a009b7a0f53acf88459a5a5d86904871f82ab341c709c1af414

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 22 Jan 2020 20:12:40 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAACQReHNqwIxS5rMZyapFfonRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAAAOiWNuEHBhS52mScmR7GdoTE9OMjFFREdFMTUyMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/homepage/019048-00646-web-occmed-homepage-690x402.jpg?h=402&la=en&w=690&hash=6551638F15F405F6269267EA1349F38B433E115E
content-length: 88687
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 occ-med-2c.png
occmed.sanfordhealth.org/-/media/occmed/images/ 11 KB
11 KB 172ms
168ms Image
image/png 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/occ-med-2c.png?h=72&la=en&w=174&hash=DF3CB2F5F3020C7EACDFDE0C3F1B93D32B4F5AB4

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Tue, 24 Dec 2019 16:23:31 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/png
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAACtvZ9+ATGXQZr9ugFYqvB2RlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAAD2goMh1mzfR4QkTJ2LeqvCTE9OMjFFREdFMTUyMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/occ-med-2c.png?h=72&la=en&w=174&hash=DF3CB2F5F3020C7EACDFDE0C3F1B93D32B4F5AB4
content-length: 11087
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H2 200 sanford-service-body.min.js Show response
occmed.sanfordhealth.org/Scripts/ 834 KB
178 KB 18ms
14ms Script
text/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/Scripts/sanford-service-body.min.js?v=o5DacUvHx07nfLGAExQ0CEwgBSiV9PoTO6k8VX4vKjs1

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

eed98744d78857eec28dae9f6f03cce1b6f4e7b6d9d00bd849c4e8117fed9dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
last-modified: Wed, 10 Feb 2021 21:20:16 GMT
server: Microsoft-IIS/8.5
cache-control: public
date: Wed, 10 Feb 2021 22:27:22 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAAAHLOC8BMqIRYSjLIebRx42RlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0D04kYAAAAAB5lYfl0hvFT68N76f7/2qaTE9OMjFFREdFMDIxMgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/Scripts/sanford-service-body.min.js?v=o5DacUvHx07nfLGAExQ0CEwgBSiV9PoTO6k8VX4vKjs1
expires: Thu, 10 Feb 2022 21:20:16 GMT

GET
H2 200 jquery.lazy.min.js Show response
cdn.jsdelivr.net/jquery.lazy/1.7.5/ 5 KB
2 KB 10ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.lazy/1.7.5/jquery.lazy.min.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 84373
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 2330
etag: W/"1392-jt9bla4L+gvh4f5ZyiOxGz/05wc"
x-served-by: cache-fra19129-FRA, cache-hhn4052-HHN
date: Wed, 10 Feb 2021 22:27:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 131 KB
43 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

a99cb77472d93040ee9504f5d14a873c00b2a91e3077eb0f4162a0b9f0a9ddf0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=17
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43697
x-xss-protection: 0
expires: Wed, 10 Feb 2021 22:57:23 GMT

OPTIONS
H/1.1 200
OK view
usageanalytics.coveo.com/rest/v15/analytics/ Frame 0
0 440ms
113ms Other 52.44.229.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Protocol

HTTP/1.1

Server

52.44.229.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-229-3.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://occmed.sanfordhealth.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Origin, Accept, X-Requested-With, Content-Type
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
Access-Control-Allow-Origin: https://occmed.sanfordhealth.org
Access-Control-Max-Age: 3600
Date: Wed, 10 Feb 2021 22:27:23 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK view Show response
usageanalytics.coveo.com/rest/v15/analytics/ 117 B
872 B 483ms
176ms Fetch
application/json 52.44.229.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.229.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-229-3.compute-1.amazonaws.com

Software

Resource Hash

cf44665b70a988164fa61cb5c0edb0ad965a124b3a6bbf2d2e75a6286e4f3f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://occmed.sanfordhealth.org/
Authorization: Bearer xxf7c94658-1444-4b8f-b748-4026331016b7
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 10 Feb 2021 22:27:23 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Vary: Origin
Connection: keep-alive
P3P: CP="-"
Access-Control-Allow-Origin: https://occmed.sanfordhealth.org
Cache-Control: no-cache,no-store,must-revalidate,private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
Content-Type: application/json
Content-Length: 117
X-XSS-Protection: 1; mode=block
Expires: Thu Jan 01 00:00:00 UTC 1970

GET
H2 200 svg-sprite.svg
occmed.sanfordhealth.org/ 135 KB
136 KB 925ms
922ms Other
text/xml 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://occmed.sanfordhealth.org/svg-sprite.svg

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

3caaf08dba032508ce297f73f31b99f2adc1682b689ce65b5d9165a6184c011f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
server: Microsoft-IIS/8.5
x-xcachep2c-originip: 20.37.137.31
date: Wed, 10 Feb 2021 22:27:23 GMT
x-azure-ref: 0y10kYAAAAAB963E8Jp+NTaQrNk7xuTf2RlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-cache: TCP_MISS
content-type: text/xml; charset=utf-8
cache-control: public, max-age=3600
x-azure-ref-originshield: 0y10kYAAAAAAGC1BvCuNjR7LR9fUcxo3MTE9OMjFFREdFMDEwOABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/svg-sprite.svg

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://occmed.sanfordhealth.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 194530
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:13 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://occmed.sanfordhealth.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:25:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 194542
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 08 Feb 2022 16:25:01 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://occmed.sanfordhealth.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 05:56:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 145838
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 09 Feb 2022 05:56:45 GMT

GET
H2 200 hotjar-1431697.js Show response
static.hotjar.com/c/ 3 KB
2 KB 79ms
45ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1431697.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

1d2ddf21b19f70aa61a57348460fe94339f928ba54de8acfaa69d000f90108ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/90732a6d43c6aa9a41c5d68a66f23aa1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1558
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-id: CfAJndgGjPSHcnzGSGKhouaGUqtURbQp0lhpkl7rhY3RwNuhSXImWQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3736
date: Wed, 10 Feb 2021 21:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 10 Feb 2021 23:25:07 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 27ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:22 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 2EBD88B58A9F4AA39744A9DEBB584737 Ref B: FRAEDGE1410 Ref C: 2021-02-10T22:27:23Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H3-Q050

200

activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F
10059646.fls.doubleclick.net/ Frame 4F29
Redirect Chain

https://10059646.fls.doubleclick.net/activityi;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F?
https://10059646.fls.doubleclick.net/activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foc...

0
0

59ms
44ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10059646.fls.doubleclick.net/activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10059646.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://occmed.sanfordhealth.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 10 Feb 2021 22:27:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 10-Feb-2021 22:42:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 10 Feb 2021 22:27:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10059646.fls.doubleclick.net/activityi;dc_pre=CNG0t8Gu4O4CFaaI7QodbL8F-g;src=10059646;type=pagev0;cat=pagev0;ord=3043242763384;gtm=2wg230;auiddc=1110651753.1612996043;~oref=https%3A%2F%2Foccmed.sanfordhealth.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 52 KB
16 KB 25ms
8ms Script
application/javascript 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 15:15:57 GMT
server
x-powered-by: ARR/3.0
etag: "84a7fce7aaabd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=488
accept-ranges: bytes
content-length: 15848

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: +1J0i7TUF3yg9bLbny8Gc+t7HuD3gxt2ESqA9BwRFt2cSm5or0is/Y6FsUCh5Ewkk4ckLfPIAzKSzjA3fjYp0Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 10 Feb 2021 22:27:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2204273.js Show response
js.hs-scripts.com/ 1 KB
734 B 12ms
11ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2204273.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8a8ff2b7b72ce9201913ccb2817dd3a1b3660b690e1483efbc1a2d67125b2c6

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 38
cf-polished: origSize=1467
cf-request-id: 082fa7799d00000eb304ae6000000001
cf-bgj: minify
server: cloudflare
x-trace: 2B9E71A2A5FA08FC44CC78373BCE4027F9C611062A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.sanfordhealth.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 61f941d5cb1c0eb3-FRA
expires: Wed, 10 Feb 2021 22:28:23 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
72 B 14ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=616350229&t=pageview&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=2123753199&gjid=516476554&cid=43125679.1612996043&tid=UA-17672572-22&_gid=753287978.1612996043&_r=1&gtm=2wg230PHTXJVD&z=982146831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 22:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://occmed.sanfordhealth.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-17672572-22&cid=43125679.1612996043&jid=2123753199&gjid=516476554&_gid=753287978.1612996043&_u=YEBAAAAAAAAAAC~&z=1475997551

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 10 Feb 2021 22:27:23 GMT
content-type: text/plain
access-control-allow-origin: https://occmed.sanfordhealth.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 019048-00645-web-occmed-homepage-1375x559.jpg
occmed.sanfordhealth.org/-/media/occmed/images/homepage/ 239 KB
240 KB 933ms
933ms Image
image/jpeg 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/-/media/occmed/images/homepage/019048-00645-web-occmed-homepage-1375x559.jpg?w=1375&h=559&hash=553D9D815F80FAC18E86314C98C3973AAAE5BC7B

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ead9ade220d9d06b3be88a434b676ed0035b112814652fb50544827f6abb8b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 22 Jan 2020 15:58:54 GMT
server: Microsoft-IIS/8.5
cache-control: private, max-age=604800
date: Wed, 10 Feb 2021 22:27:23 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_MISS
content-type: image/jpeg
x-xcachep2c-originip: 20.37.137.31
x-azure-ref: 0y10kYAAAAABb7bYBFw+2RLHvZRzE2j1IRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0y10kYAAAAADsGn2N8EiIRbaziygXadx3TE9OMjFFREdFMDEwOQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-xcachep2c-originurl: https://20.37.137.31:443/-/media/occmed/images/homepage/019048-00645-web-occmed-homepage-1375x559.jpg?w=1375&h=559&hash=553D9D815F80FAC18E86314C98C3973AAAE5BC7B
content-length: 245215
expires: Wed, 17 Feb 2021 22:27:23 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://occmed.sanfordhealth.org
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 13:34:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:44 GMT
server: sffe
age: 204768
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9192
x-xss-protection: 0
expires: Tue, 08 Feb 2022 13:34:35 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17672572-22&cid=43125679.1612996043&jid=2123753199&_u=YEBAAAAAAAAAAC~&z=1485353507

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 22:27:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-17672572-22&cid=43125679.1612996043&jid=2123753199&_u=YEBAAAAAAAAAAC~&z=1485353507

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 22:27:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 17092940.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 49ms
16ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/17092940.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PHTXJVD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: gzip
age: 1895330
x-cache: HIT
x-cache-hits: 578162
content-length: 5692
x-served-by: cache-fra19181-FRA
x-vimeo-dc: ge
last-modified: Thu, 14 Jan 2021 20:01:48 GMT
server: Apache
x-timer: S1612996043.437413,VS0,VE0
etag: "43e3-5b8e1b9ce2300"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2031 23:58:33 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
27ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5230470&Ver=2&mid=4f58f17a-299d-4b57-8cf2-f00627e2977d&sid=257128a06bef11eb925e29b435d773e4&vid=257162106bef11ebbace01862e097817&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sanford%20OccMed&p=https%3A%2F%2Foccmed.sanfordhealth.org%2F&r=&lt=771&evt=pageLoad&msclkid=N&sv=1&rn=327687
Requested by: Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 10 Feb 2021 22:27:22 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4ED4CF9EA6494A79ABEAD7643A88589A Ref B: FRAEDGE1410 Ref C: 2021-02-10T22:27:23Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 158452134738346 Show response
connect.facebook.net/signals/config/ 244 KB
70 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/158452134738346?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90db78415568f0e55e6c5f74b97820cde07173f66198e640452e86e366233515

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 71725
x-fb-rlafr: 0
pragma: public
x-fb-debug: joMSeLxCe15PSiMAHqgGqvry0fr+qtxukoQB3t6lkbSkeuezVytHi1IhoiwiXRuWNdDU7p7TjjUY/I+nPEQEuA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 10 Feb 2021 22:27:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1658276485
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sprites.png
occmed.sanfordhealth.org/Coveo/image/ 63 KB
63 KB 14ms
14ms Image
image/png 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://occmed.sanfordhealth.org/Coveo/image/sprites.png

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/Coveo/css/CoveoFullSearch-service.min.css?v=5I7LakISvur_8wHZ2NYk2II3Z1WYVZ33mnlq4df75Lc1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

b890e426df7d5e88ee8546f7c8a1eae6a931ef0272d1c16ec8ca87bf6f3600ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://occmed.sanfordhealth.org/Coveo/css/CoveoFullSearch-service.min.css?v=5I7LakISvur_8wHZ2NYk2II3Z1WYVZ33mnlq4df75Lc1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Wed, 10 Feb 2021 19:44:13 GMT
server: Microsoft-IIS/8.5
cache-control: max-age=604800
etag: "7728a71be5ffd61:0"
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: image/png
x-xcachep2c-originip: 20.37.137.31
date: Wed, 10 Feb 2021 22:27:22 GMT
x-azure-ref: 0y10kYAAAAABC3Zog4vSRToJG5oL/untbRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0EU4kYAAAAAAPScZVNo/VSIpZnv3PpyPeTE9OMjFFREdFMTUwOQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
accept-ranges: bytes
x-xcachep2c-originurl: https://20.37.137.31:443/Coveo/image/sprites.png
content-length: 64644

GET
H2 200 modules.47c8b2ab63e7e626e930.js Show response
script.hotjar.com/ 224 KB
59 KB 53ms
16ms Script
application/javascript 13.224.196.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.47c8b2ab63e7e626e930.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1431697.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.196.103 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-196-103.fra2.r.cloudfront.net

Software

Resource Hash

e37c5391c6766895508e0c5e48baeff94effd87d0292d02366b65c3d4e24b82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 13:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33119
x-cache: Hit from cloudfront
content-length: 60061
access-control-allow-origin: *
last-modified: Wed, 10 Feb 2021 13:12:16 GMT
etag: "f183ae0127053a1a3e34413e0c039c19"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3b02f73dccc5077f1ad544a27a475ed6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: XKnPlICUIVy3idpmm-9sMNXE_NlKi0rTNIuBM-fUfWtaU-CZ0ccuwA==

GET
H2 200 10273 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/ 2 KB
800 B 177ms
162ms XHR
application/octet-stream 184.31.90.174
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/10273
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.90.174 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-31-90-174.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: 2097ebf3007389d0b721a6809b085de03c25085a600477255cd04a5cc8d4bf75

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: FqHtpCzjCinkYxB0v5gJqmRII60yFyqm
content-encoding: gzip
last-modified: Fri, 09 Aug 2019 14:25:49 GMT
server: ATS/7.1.0
x-amz-request-id: A4CC416F7BBF768F
etag: "69cee56121c5b948177804585d271da8"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=600
date: Wed, 10 Feb 2021 22:27:23 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 445
x-amz-id-2: oCDEqj2qvhEzV2U3suhTy7nH06afrQtNRCOSW8cTSBawT5aiTH0kglhq2MbF//VdoQ65iJXAE0Y=

GET
H2 200 2204273.js Show response
js.hs-analytics.net/analytics/1612995900000/ 63 KB
19 KB 18ms
17ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1612995900000/2204273.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9950c263d7a4d2668e2cedd29ef55d81c2fcc4d7819525389a8f9254b2ade379

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 37
x-amz-server-side-encryption: AES256
x-amz-request-id: FEDEB181DD945DCA
x-amz-id-2: eFdS1EHEPqj1sWL1nT++agV541uZZhwPSr+oNdQtvKYj17e/h1kZAjyLLGKl26w++bZbZbd27xo=
last-modified: Tue, 02 Feb 2021 21:49:55 GMT
server: cloudflare
etag: W/"00fbb978033d5a352b23772998cf9bf7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 082fa77ad60000d725d5800000000001
cf-ray: 61f941d7ba53d725-FRA
expires: Wed, 10 Feb 2021 22:31:46 GMT

GET
H2 200 2204273.js Show response
js.hs-banner.com/ 56 KB
13 KB 27ms
25ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2204273.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dcc5c3ef047be44ca38889bca6cad8eac393d09102b3f061bb63fc93dcf17cb

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=awcEVw==, md5=rfxvfDg6E2Gxl2D+LShAdQ==
date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 22
x-guploader-uploadid: ABg5-UwvNq8Lux_ZvD0GJbwMu-I4Xs_NelNxI-eLGdaFic3vDVjtSkonNK910XfDBWZrkHT6TYdXV8ehWBlm7IEq54A
x-goog-storage-class: STANDARD
access-control-max-age: 604800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript; charset=UTF-8
cf-request-id: 082fa77ad70000c303e9390000000001
timing-allow-origin: *
last-modified: Tue, 05 Jan 2021 17:26:23 GMT
server: cloudflare
etag: W/"adfc6f7c383a1361b19760fe2d284075"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-goog-generation: 1609867583945779
access-control-allow-origin: https://www.good-sam.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
x-goog-stored-content-length: 57587
cf-ray: 61f941d7be70c303-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 10 Feb 2021 22:32:01 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 448 KB
76 KB 30ms
28ms Script
application/javascript 2606:4700::6811:e7cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e7cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4

Request headers

Origin: https://occmed.sanfordhealth.org
Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
via: 1.1 db72f6ab1d9d27534c6158ca17e3af1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4027
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.969/bundle/main/lead-flows-release.js&cfRay=61f8df856aa54a67-IAD
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-request-id: 082fa77ad600002bc64b826000000001
cf-ray: 61f941d7bb122bc6-FRA
last-modified: Thu, 17 Dec 2020 10:03:39 UTC
server: cloudflare
etag: W/"a566ab0a8f74bc7424c04febd0ea0ce7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: rhp8gAMuDbTLsXApeWVaA5lKkewB4A5p
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: bb2YobVsVLfm8yG59qUTxlleWA_jjv9bUiBK4N2KAu7N-oU07Dym3w==

GET
H2 200 876343656212748 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 114ms
113ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/876343656212748?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

160276381f335d66fc67a048ae7db562decda670a80b0bade0e071039424497d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 1cnt9hb+vNNk7V12Kgqk/iEi+6IktCbSeyVqsxic+Yjb/Gw16vruOrzyvB9eEKV6tfWWhBZ2W/CgXbdVa+FAxg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 10 Feb 2021 22:27:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1756596357
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=PageView&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&rl=&if=false&ts=1612996043496&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612996043495.1487988556&it=1612996043453&coo=false&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Feb 2021 22:27:23 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4134 0
0 45ms
13ms Document
text/html 65.9.69.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1431697.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.78 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://occmed.sanfordhealth.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://occmed.sanfordhealth.org/

Response headers

content-type: text/html
content-length: 851
date: Mon, 23 Nov 2020 17:01:03 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Mon, 23 Nov 2020 15:41:01 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: g5F8hg14sthJ7p1uw4huh0BJAWSmJtDXfUUWq1_ASJ8vf5LI-78oZA==
age: 6845180

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1431697/ 152 B
305 B 100ms
37ms XHR
application/json 52.18.148.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1431697/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.47c8b2ab63e7e626e930.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.148.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-148-102.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 10 Feb 2021 22:27:23 GMT
content-encoding: br
access-control-allow-credentials: true
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876343656212748&ev=PageView&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&rl=&if=false&ts=1612996043628&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1612996043495.1487988556&it=1612996043453&coo=false&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Feb 2021 22:27:23 GMT

GET
H/1.1 200 Serving Show response
bs.serving-sys.com/ 321 B
1007 B 101ms
25ms Script
text/html 82.199.68.73
EQUINIX-CONNECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10273&dispType=js&sync=0&sessionid=3670543145031401732&pageurl=$$https%3A%2F%2Foccmed.sanfordhealth.org%2F$$&activityValues=$$Session%3D7958170457370088402$$&ns=0&rnd=70054717008482
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_CBC
Server: 82.199.68.73 , Netherlands, ASN15830 (EQUINIX-CONNECT, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e030036c36fb456cd68a1c66bef9008725fb407e019877db4678268d14d7c498

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 10 Feb 2021 22:28:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Content-Length: 249
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=Microdata&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&rl=&if=false&ts=1612996043999&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20OccMed%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Sanford%20OccMed%20provides%20occupational%20medicine%20services%20that%20makes%20sense%20for%20your%20business%2C%20saving%20you%20time%20and%20money.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sanford%20OccMed%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%3A443%2F-%2Fmedia%2Ffeature%2Fmetadata%2Fsanford-health.jpg%3Fbc%3Dblack%26as%3D0%26h%3D200%26la%3Den%26w%3D382%26hash%3D967EB15D2B379629514EE756E370944D173CC75C%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612996043495.1487988556&it=1612996043453&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Feb 2021 22:27:24 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=876343656212748&ev=Microdata&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&rl=&if=false&ts=1612996044129&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20OccMed%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Sanford%20OccMed%20provides%20occupational%20medicine%20services%20that%20makes%20sense%20for%20your%20business%2C%20saving%20you%20time%20and%20money.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sanford%20OccMed%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%3A443%2F-%2Fmedia%2Ffeature%2Fmetadata%2Fsanford-health.jpg%3Fbc%3Dblack%26as%3D0%26h%3D200%26la%3Den%26w%3D382%26hash%3D967EB15D2B379629514EE756E370944D173CC75C%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foccmed.sanfordhealth.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1612996043495.1487988556&it=1612996043453&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: occmed.sanfordhealth.org
URL: https://occmed.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 10 Feb 2021 22:27:24 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
614 B 39ms
39ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=2204273&pu=https%3A%2F%2Foccmed.sanfordhealth.org%2F&t=Sanford+OccMed&cts=1612996044171&vi=4f79aa96ac94ac1809e239632834ef26&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:24 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 61f941dc1b7363d1-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 082fa77d8d000063d1f1101000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VymisLhrAHDgUdeCPjfLcepr12KIrqkjHfLaKpAASqvrrCEstrBVJZ3K5TQOwTXOyFigx20%2BPxZF%2F1yen7aTDfUh82fZk5a9gCR95q2kkoNlsn7Q3vgRyfevqEFzKQ%3D%3D"}]}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=616350229&t=event&ni=1&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=percent&el=10&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=43125679.1612996043&tid=UA-17672572-22&_gid=753287978.1612996043&gtm=2wg230PHTXJVD&z=305734568

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 07:22:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54266
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=616350229&t=event&ni=1&_s=1&dl=https%3A%2F%2Foccmed.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20OccMed&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=percent&el=25&_u=aEHAAEABAAAAAC~&jid=&gjid=&cid=43125679.1612996043&tid=UA-17672572-22&_gid=753287978.1612996043&gtm=2wg230PHTXJVD&z=53475464

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 07:22:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54266
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
582 B 171ms
170ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2204273&utk=4f79aa96ac94ac1809e239632834ef26&__hstc=239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1&__hssc=239181569.1.1612996044170&currentUrl=https%3A%2F%2Foccmed.sanfordhealth.org%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eeab2eb96b7666aba0495164cbc4c719af1175ffb8d5a309031ae7ca63bef31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:27:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 082fa77dcb00000605d3b88000000001
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5hJfKSPaJbuQgK4j6CCHmjAnRZ2wLwDdq9xrX3nbz%2BV3TMwN0QJC1USFYoV6mFt%2F%2FSAOsC%2FsPy3cCag0sbVbpT33eRZwaitd2k2FaB5lg4mz1sBEbLYDaSftNxEYfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://occmed.sanfordhealth.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 61f941dc7c290605-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3-Q050 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8/ 75 KB
28 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 18:24:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 21:52:32 GMT
server: sffe
age: 532968
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28107
x-xss-protection: 0
expires: Fri, 04 Feb 2022 18:24:40 GMT

GET
H3-Q050 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/43/8/ 145 KB
54 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/43/8/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 02:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Feb 2021 21:52:32 GMT
server: sffe
age: 329662
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54980
x-xss-protection: 0
expires: Mon, 07 Feb 2022 02:53:06 GMT

GET
H3-Q050 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
122 B 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Foccmed.sanfordhealth.org%2F&4sAIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&callback=_xdc_._hz6x8f&key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&token=92986

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/43/8/common.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

3b49332051ebd7e94fd7aaee77bbad6a5988fd9bcdca43a371ebc94db48fd094

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://occmed.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Feb 2021 22:27:28 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=30
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:03:16	Name: test_cookie Value: CheckForPermission
occmed.sanfordhealth.org/	1970-01-19 16:03:17	Name: __hssc Value: 239181569.1.1612996044170
occmed.sanfordhealth.org/	1970-01-20 01:24:52	Name: hubspotutk Value: 4f79aa96ac94ac1809e239632834ef26
occmed.sanfordhealth.org/	1970-01-20 01:24:52	Name: __hstc Value: 239181569.4f79aa96ac94ac1809e239632834ef26.1612996044170.1612996044170.1612996044170.1
.sanfordhealth.org/	1970-01-19 16:03:17	Name: _hjFirstSeen Value: 1
.sanfordhealth.org/	1970-01-19 16:03:17	Name: _hjAbsoluteSessionInProgress Value: 0
.sanfordhealth.org/	1970-01-19 16:04:42	Name: _uetsid Value: 257128a06bef11eb925e29b435d773e4
.sanfordhealth.org/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
.sanfordhealth.org/	1970-01-19 18:12:52	Name: _fbp Value: fb.1.1612996043495.1487988556
.sanfordhealth.org/	1970-01-19 16:26:40	Name: _uetvid Value: 257162106bef11ebbace01862e097817
occmed.sanfordhealth.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: pzjshpxojusqz4xy34ykt5ua
occmed.sanfordhealth.org/	1970-01-19 16:03:16	Name: _hjIncludedInPageviewSample Value: 1
.sanfordhealth.org/	1970-01-19 18:12:52	Name: _gcl_au Value: 1.1.1110651753.1612996043
.occmed.sanfordhealth.org/	1970-01-19 16:04:42	Name: _gid Value: GA1.3.753287978.1612996043
.sanfordhealth.org/	1970-01-20 00:48:52	Name: _hjid Value: fde70031-562c-4b7e-9689-ee3c72ae5d22
occmed.sanfordhealth.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.occmed.sanfordhealth.org/	1970-01-19 16:03:16	Name: _gat_UA-17672572-22 Value: 1
.occmed.sanfordhealth.org/	1970-01-20 09:34:28	Name: _ga Value: GA1.3.43125679.1612996043

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://occmed.sanfordhealth.org/coveo/js/CoveoJsSearch-service.min.js?v=WI_X2w0uYxlC5tSpkNuZzhxJcWScDvD7bRF8Dn4Wb_41(Line 1) Message: INFO,[object HTMLDivElement],Value for option partialMatchKeywords is less than the possible minimum (Value is 0, minimum is 1). It has been forced to it's minimum value.,[object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10059646.fls.doubleclick.net
bat.bing.com
bs.serving-sys.com
cdn.jsdelivr.net
connect.facebook.net
extend.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsleadflows.net
maps.googleapis.com
occmed.sanfordhealth.org
script.hotjar.com
secure-ds.serving-sys.com
static.cloud.coveo.com
static.hotjar.com
stats.g.doubleclick.net
track.hubspot.com
usageanalytics.coveo.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.196.103
13.225.78.69
142.250.186.134
151.101.14.109
184.31.90.174
2606:4700::6811:47b0
2606:4700::6811:d6cc
2606:4700::6811:e7cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:1ec:bdf::13
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200a
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
52.18.148.102
52.44.229.3
65.9.69.59
65.9.69.78
82.199.68.73
0c943d40a865e7df780e8ed6a02b8e0147d33ebcd9ca8926927073c84194c71b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160276381f335d66fc67a048ae7db562decda670a80b0bade0e071039424497d
1d2ddf21b19f70aa61a57348460fe94339f928ba54de8acfaa69d000f90108ee
2097ebf3007389d0b721a6809b085de03c25085a600477255cd04a5cc8d4bf75
22f8265b3ebc3a0ad97953346561df4b69b09dc02fbb382870b2268ef3070287
267e03b73d1ac6e609b3eeae77b56ff00c1200179d319fc8096351da73c85320
35f645d019b01a009b7a0f53acf88459a5a5d86904871f82ab341c709c1af414
3b49332051ebd7e94fd7aaee77bbad6a5988fd9bcdca43a371ebc94db48fd094
3caaf08dba032508ce297f73f31b99f2adc1682b689ce65b5d9165a6184c011f
3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca
49bc21862c796727ff354df8271437eaf933cc7015235b496912bb0c7a9baf10
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e7dcbd06255d824d497fee6d477f0e5e03017f01dd015ddf14eae5a167eb502
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
560ff2564fbf2bef305cf0e9533c4db2671c96297d978fd31ac0310727fe455f
5dcc5c3ef047be44ca38889bca6cad8eac393d09102b3f061bb63fc93dcf17cb
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce
7c2a3c7b4de6a6ef709ce7b013148bb56839367b56605d8e0c028790b7be153b
7eeab2eb96b7666aba0495164cbc4c719af1175ffb8d5a309031ae7ca63bef31
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f27a809fcaf3a77c5de01c43f08cceaa87caafca898ec59c8408368d57d064
8e1827fe7203025ffc1b2d499137bfead572542d1643c5987168c45e4175aef0
90db78415568f0e55e6c5f74b97820cde07173f66198e640452e86e366233515
91ed6ce02b6c75337190849469779a4bd41848b76017521bf4544f268c011ad4
9950c263d7a4d2668e2cedd29ef55d81c2fcc4d7819525389a8f9254b2ade379
9d1307ffbb4f2b4ca156a955d6ed68558565d34fb7331f03786c4fc841dc369c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a99cb77472d93040ee9504f5d14a873c00b2a91e3077eb0f4162a0b9f0a9ddf0
ae5237b82b0b640822d5aa6c3ac444e3713971530f89664e4ff876275b3af569
b1821bb21cda6e30665e5e9dbf74ff9286dae40012f016f744d10835d0e41937
b890e426df7d5e88ee8546f7c8a1eae6a931ef0272d1c16ec8ca87bf6f3600ac
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
cf44665b70a988164fa61cb5c0edb0ad965a124b3a6bbf2d2e75a6286e4f3f01
d0873062e23aac223cae246eb0e36e0e9f8d59bcfbdc38658de4e4f05ec18e35
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e030036c36fb456cd68a1c66bef9008725fb407e019877db4678268d14d7c498
e37c5391c6766895508e0c5e48baeff94effd87d0292d02366b65c3d4e24b82a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e9d5f013cf604f1d80e71bcfe55fae3fc7c8a065df8e12ffa7088cd42825c0bd
ead9ade220d9d06b3be88a434b676ed0035b112814652fb50544827f6abb8b7f
eed98744d78857eec28dae9f6f03cce1b6f4e7b6d9d00bd849c4e8117fed9dae
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8a8ff2b7b72ce9201913ccb2817dd3a1b3660b690e1483efbc1a2d67125b2c6
fdf06229fbb44284cebf3f80d01962ea1dc1b9d39ab2449b94879c3e4358eae5
fe127c677079921475ea0b3a2811c1ab05f142872a62379719475755483ff52b

occmed.sanfordhealth.org Open in urlscan Pro 2620:1ec:bdf::13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

62 Requests

100 %HTTPS

64 %IPv6

21 Domains

29 Subdomains

28 IPs

6 Countries

2138 kBTransfer

6028 kBSize

18 Cookies

20 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

occmed.sanfordhealth.org Open in urlscan Pro
2620:1ec:bdf::13 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

100 %
HTTPS

64 %
IPv6

21
Domains

29
Subdomains

28
IPs

6
Countries

2138 kB
Transfer

6028 kB
Size

18
Cookies

62 HTTP transactions
0 data transactions