www.sanfordhealth.org Open in urlscan Pro
2620:1ec:bdf::60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www2.sanfordhealth.org/
Effective URL:
https://www.sanfordhealth.org/
Submission: On September 10 via manual (September 10th 2021, 12:23:39 am UTC) from US — Scanned from DE

Summary HTTP 117 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 41 IPs in 6 countries across 36 domains to perform 117 HTTP transactions. The main IP is 2620:1ec:bdf::60, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.sanfordhealth.org.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on April 21st 2020. Valid for: 2 years.

This is the only time www.sanfordhealth.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	206.208.217.193 206.208.217.193	46206 (AS-SANFOR...) (AS-SANFORDHEALTH)
1 11	2620:1ec:bdf::60 2620:1ec:bdf::60	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:400a:801::200a	15169 (GOOGLE) (GOOGLE)
9	143.204.207.4 143.204.207.4	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:400a:802::2008	15169 (GOOGLE) (GOOGLE)
2	54.161.185.208 54.161.185.208	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:400a:803::2003	15169 (GOOGLE) (GOOGLE)
2	52.239.234.100 52.239.234.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:400a:808::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.240.157 151.101.240.157	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	172.217.168.38 172.217.168.38	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7034	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:f3:... 2a02:26f0:f3:58f::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3031::ac43:91b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:39::84 2a04:4e42:39::84	54113 (FASTLY) (FASTLY)
2	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.242.109 151.101.242.109	54113 (FASTLY) (FASTLY)
2 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	2a00:1450:401... 2a00:1450:4013:c00::9d	15169 (GOOGLE) (GOOGLE)
20	40.114.241.141 40.114.241.141	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	52.28.224.120 52.28.224.120	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f15... 2a03:2880:f15b:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400a:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400a:801::2002	15169 (GOOGLE) (GOOGLE)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400a:803::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:71b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eacc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.203.98 142.250.203.98	15169 (GOOGLE) (GOOGLE)
117	41

1 206.208.217.193 (Dell Rapids, United States) 1 redirects

ASN46206 (AS-SANFORDHEALTH, US)
PTR: 206-208-217-193.dia.static.qwest.net

www2.sanfordhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2620:1ec:bdf::60 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.sanfordhealth.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400a:801::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.207.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-4.fra53.r.cloudfront.net

static.cloud.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

dhan-sana-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400a:802::2008 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.161.185.208 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-185-208.compute-1.amazonaws.com

usageanalytics.coveo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400a:803::2003 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.234.100 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dhanprodfrontend.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400a:808::200e (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.240.157 (Milan, Italy)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.168.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s14-in-f6.1e100.net

10083857.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7034 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.sitescdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f3:58f::25ea (Glattbrugg, Switzerland)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b0 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:39::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.242.109 (Milan, Italy)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c00::9d (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 40.114.241.141 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.224.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-224-120.eu-central-1.compute.amazonaws.com

18499.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f15b:83:face:b00c:0:25de (Zurich, Switzerland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:803::2004 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:801::2002 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:803::2002 (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:71b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.203.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s16-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	visualstudio.com dc.services.visualstudio.com	2 KB
12	sanfordhealth.org 2 redirects www2.sanfordhealth.org www.sanfordhealth.org	757 KB
11	coveo.com static.cloud.coveo.com usageanalytics.coveo.com	316 KB
7	clarity.ms 1 redirects www.clarity.ms c.clarity.ms f.clarity.ms	24 KB
6	facebook.com www.facebook.com	864 B
6	gstatic.com fonts.gstatic.com	105 KB
6	googleapis.com fonts.googleapis.com maps.googleapis.com	170 KB
5	doubleclick.net 1 redirects 10083857.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
5	google-analytics.com www.google-analytics.com	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	bing.com 1 redirects bat.bing.com c.bing.com	10 KB
4	googletagmanager.com www.googletagmanager.com	205 KB
3	google.de www.google.de adservice.google.de	2 KB
3	google.com www.google.com adservice.google.com	2 KB
3	pinterest.com ct.pinterest.com	1021 B
3	facebook.net connect.facebook.net	203 KB
2	hubspot.com track.hubspot.com forms.hubspot.com	2 KB
2	pinimg.com s.pinimg.com	18 KB
2	windows.net dhanprodfrontend.blob.core.windows.net	17 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	hubapi.com api.hubapi.com	959 B
1	hs-analytics.net js.hs-analytics.net	20 KB
1	hsleadflows.net js.hsleadflows.net	87 KB
1	hsadspixel.net js.hsadspixel.net	3 KB
1	hs-banner.com js.hs-banner.com	16 KB
1	siteimproveanalytics.io 18499.global.siteimproveanalytics.io	650 B
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	hs-scripts.com js.hs-scripts.com	978 B
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
1	licdn.com snap.licdn.com	2 KB
1	sitescdn.net assets.sitescdn.net	2 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	azureedge.net dhan-sana-cdn.azureedge.net	229 KB
1	jsdelivr.net cdn.jsdelivr.net	3 KB
117	36

	Domain	Requested by
20	dc.services.visualstudio.com	dhan-sana-cdn.azureedge.net
11	www.sanfordhealth.org	1 redirects www.sanfordhealth.org static.cloud.coveo.com
9	static.cloud.coveo.com	www.sanfordhealth.org static.cloud.coveo.com
6	www.facebook.com	www.sanfordhealth.org
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google-analytics.com	www.googletagmanager.com dhan-sana-cdn.azureedge.net
4	www.googletagmanager.com	www.sanfordhealth.org www.googletagmanager.com js.hsadspixel.net
4	maps.googleapis.com	www.sanfordhealth.org maps.googleapis.com
3	f.clarity.ms	dhan-sana-cdn.azureedge.net
3	ct.pinterest.com	dhan-sana-cdn.azureedge.net www.sanfordhealth.org
3	connect.facebook.net	www.sanfordhealth.org connect.facebook.net
3	10083857.fls.doubleclick.net	1 redirects www.googletagmanager.com www.sanfordhealth.org
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.sanfordhealth.org
2	www.google.de	www.sanfordhealth.org
2	www.google.com	www.sanfordhealth.org
2	c.clarity.ms	1 redirects www.sanfordhealth.org
2	px.ads.linkedin.com	2 redirects
2	www.clarity.ms	www.sanfordhealth.org www.clarity.ms
2	s.pinimg.com	www.sanfordhealth.org s.pinimg.com
2	dhanprodfrontend.blob.core.windows.net	www.sanfordhealth.org
2	usageanalytics.coveo.com	static.cloud.coveo.com
2	fonts.googleapis.com	www.sanfordhealth.org static.cloud.coveo.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	forms.hubspot.com	dhan-sana-cdn.azureedge.net
1	track.hubspot.com
1	api.hubapi.com	dhan-sana-cdn.azureedge.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	10083857.fls.doubleclick.net
1	18499.global.siteimproveanalytics.io	www.sanfordhealth.org
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	dhan-sana-cdn.azureedge.net
1	t.co	www.sanfordhealth.org
1	analytics.twitter.com	static.ads-twitter.com
1	px4.ads.linkedin.com	www.sanfordhealth.org
1	www.linkedin.com	1 redirects
1	extend.vimeocdn.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.sanfordhealth.org
1	snap.licdn.com	www.googletagmanager.com
1	assets.sitescdn.net	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	dhan-sana-cdn.azureedge.net	www.sanfordhealth.org
1	cdn.jsdelivr.net	www.sanfordhealth.org
1	www2.sanfordhealth.org	1 redirects
117	49

This site contains links to these domains. Also see Links.

Domain
www.mysanfordchart.org
sanfordhealthfoundation.org
sanfordcareers.com
www.sanfordhealthplan.org
edith.sanfordhealth.org
imagenetics.sanfordhealth.org
www.profileplan.com
research.sanfordhealth.org
news.sanfordhealth.org
www.facebook.com
twitter.com
www.linkedin.com
www.sanfordhealthfoundation.org
sanfordworldclinic.org
www.sanfordlorrainecross.com
commercialization.sanfordhealth.org
sanfordhealth.csod.com

Subject Issuer	Validity	Valid
www.sanfordhealth.org GeoTrust EV RSA CA 2018	`2020-04-21` - `2022-05-19`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cloud.coveo.com Go Daddy Secure Certificate Authority - G2	`2021-06-18` - `2022-07-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2020-11-16` - `2021-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.coveo.com Go Daddy Secure Certificate Authority - G2	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-08-14` - `2022-08-14`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sitescdn.net Cloudflare Inc ECC CA-3	`2021-02-04` - `2022-02-03`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 02	`2021-06-27` - `2022-06-22`	a year	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.sanfordhealth.org/
Frame ID: 1C9C26AD0F6B2784B7CA3E39A6C262F2
Requests: 103 HTTP requests in this frame

Frame: https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
Frame ID: 51CF491D7679C0B331A8FC657F8CAD33
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
Frame ID: 7D6B9FEDCCB2D6508A372AFB4D229792
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
Frame ID: 219660C465630A35ED33464D7CAB45CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sanford Health: Health Lives Here

Page URL History Show full URLs

http://www2.sanfordhealth.org/ HTTP 301
http://www.sanfordhealth.org/ HTTP 301
https://www.sanfordhealth.org/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

117
Requests

100 %
HTTPS

64 %
IPv6

36
Domains

49
Subdomains

41
IPs

6
Countries

2253 kB
Transfer

6955 kB
Size

38
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mysanfordchart.org/mychart/
Title: sign-in

Search URL Search Domain Scan URL

URL: https://www.mysanfordchart.org/MyChart/
Title: My Sanford Chart

Search URL Search Domain Scan URL

URL: https://www.mysanfordchart.org/MyChart/openscheduling?public=1
Title: Schedule an Appointment

Search URL Search Domain Scan URL

URL: https://sanfordhealthfoundation.org/donate/
Title: Make a Donation

Search URL Search Domain Scan URL

URL: https://sanfordcareers.com/sanford-health/?utm_campaign=SanfordHealth.org&vs=2888&utm_medium=Other&utm_source=SanfordHealth.org-DE%20 
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.sanfordhealthplan.org/
Title: Find Your Health Plan

Search URL Search Domain Scan URL

URL: http://edith.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Visit Edith

Search URL Search Domain Scan URL

URL: http://imagenetics.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Explore Genetic Medicine

Search URL Search Domain Scan URL

URL: https://www.profileplan.com/
Title: Get the Profile Plan

Search URL Search Domain Scan URL

URL: https://research.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Visit Sanford Research

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/genetics/icepick-surgeon-violinists-thumb-tales-from-genetics/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: ‘Icepick surgeon,’ violinist’s thumb: Tales from genetics

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/rural-health/new-gift-to-sanford-health-will-fund-virtual-care-center/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: New gift to Sanford Health will fund virtual care center

Search URL Search Domain Scan URL

URL: https://news.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: View All News

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sanfordhealth/
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/SanfordHealth
Title: twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sanford-health
Title: linkedin

Search URL Search Domain Scan URL

URL: https://sanfordcareers.com/sanford-health/?utm_campaign=SanfordHealth.org&vs=2888&utm_medium=Other&utm_source=SanfordHealth.org-DE%20%C2%A0
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.sanfordhealthfoundation.org/ways-to-give/
Title: Donate

Search URL Search Domain Scan URL

URL: https://www.sanfordhealthfoundation.org/
Title: Sanford Health Foundation

Search URL Search Domain Scan URL

URL: https://imagenetics.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Sanford Imagenetics

Search URL Search Domain Scan URL

URL: https://edith.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Edith Sanford Breast Center

Search URL Search Domain Scan URL

URL: http://sanfordworldclinic.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Sanford World Clinic

Search URL Search Domain Scan URL

URL: https://www.sanfordlorrainecross.com/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Lorraine Cross Award

Search URL Search Domain Scan URL

URL: https://commercialization.sanfordhealth.org/?__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&__hsfp=3857800448
Title: Sanford Commercialization

Search URL Search Domain Scan URL

URL: https://sanfordhealth.csod.com/
Title: Success Center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www2.sanfordhealth.org/ HTTP 301
http://www.sanfordhealth.org/ HTTP 301
https://www.sanfordhealth.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://10083857.fls.doubleclick.net/activityi;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F HTTP 302
https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D227780%26time%3D1631233409922%26url%3Dhttps%253A%252F%252Fwww.sanfordhealth.org%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true&e_ipv6=AQImfZu6tg0oLQAAAXvNFobuIO5lWpCzoembgFCiFk7NgF0zcY3vx-BCsvFe-tU2eSCdSgs

Request Chain 60

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&RedC=c.clarity.ms&MXFR=17D68E5DA1F7616F161F9EF3A5F76FB5 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&MUID=2AF7D53E6B5061E23885C5906A3B6003

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sanfordhealth.org/
Redirect Chain

http://www2.sanfordhealth.org/
http://www.sanfordhealth.org/
https://www.sanfordhealth.org/

56 KB
57 KB

1044ms
909ms

Document
text/html

2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

7cdb60939b35a66db358feadd63c4155f5a5e26ddcac3b97c392768475264d10

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.sanfordhealth.org
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private
content-length: 57820
content-type: text/html; charset=utf-8
server: Microsoft-IIS/8.5
set-cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl; path=/; HttpOnly; SameSite=Lax
x-cache: PRIVATE_NOSTORE
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06
access-control-expose-headers: Request-Context
strict-transport-security: max-age=300; includeSubDomains
x-azure-ref-originshield: 0gKU6YQAAAABWtaZxwPdDTp0YbV8V3CIzTE9OMjFFREdFMDEwOABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
x-azure-ref: 0gKU6YQAAAAB60r8rc/6RQJcCtgDfASJ4RlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
date: Fri, 10 Sep 2021 00:23:28 GMT

Redirect headers

Cache-Control: public, max-age=900
Content-Length: 153
Content-Type: text/html; charset=UTF-8
Location: https://www.sanfordhealth.org/
Server: Microsoft-IIS/8.5
X-Cache: TCP_MISS
X-Azure-Ref-OriginShield: 0f6U6YQAAAAAqivVllvOvT7QQ/4e7UcfkTE9OMjFFREdFMDIxNwBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
X-Azure-Ref: 0f6U6YQAAAAA0g0h6IG6dQYDoJix4f2DrRlJBRURHRTEwMTIAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
Date: Fri, 10 Sep 2021 00:23:27 GMT

GET
H2 200 sanford-service.min.css
www.sanfordhealth.org/styles/ 413 KB
56 KB 13ms
12ms Stylesheet
text/css 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/styles/sanford-service.min.css?v=7xs-aCjscmI3xa_rmvNhL3c7-FJRrsy0xsei77lTkV41

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ba3cfb9182fc7b7d2ab30c1153f4e6e21f956bf88c4ded69c8d8a7da529bfeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /styles/sanford-service.min.css?v=7xs-aCjscmI3xa_rmvNhL3c7-FJRrsy0xsei77lTkV41
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
expires: Mon, 05 Sep 2022 19:40:33 GMT
last-modified: Sun, 05 Sep 2021 19:40:33 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:28 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/css; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 0gaU6YQAAAADlwRfcYhovQbdI3V1aIhhxRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0J0E1YQAAAAAFmPVB7vKbSrPVEvqpBl24TE9OMjFFREdFMDExNQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 sanford-service-head.min.js Show response
www.sanfordhealth.org/Scripts/ 332 KB
92 KB 19ms
19ms Script
text/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/Scripts/sanford-service-head.min.js?v=m27JxZtnVz5uLTOh2rAmByHIQR_mp6Av2fTACHhJWnk1

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

079f6233681074cca2f4d6a7e3c8aff27053d7af7a111a49e612a2afbb7ac20a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /Scripts/sanford-service-head.min.js?v=m27JxZtnVz5uLTOh2rAmByHIQR_mp6Av2fTACHhJWnk1
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
expires: Wed, 07 Sep 2022 13:08:38 GMT
last-modified: Tue, 07 Sep 2021 13:08:38 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:28 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 0gaU6YQAAAAAdI/EGYf3WT7ky4DdRywPcRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0NZc3YQAAAACifGHtz9BWRI5JX/HGwyzFTE9OMjFFREdFMDIyMgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 80ms
30ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

80e621a072131135b25b516a71c6340b593b97da33c6f8b5884f5762f9ba8541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 00:23:29 GMT
server: ESF
date: Fri, 10 Sep 2021 00:23:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Sep 2021 00:23:29 GMT

GET
H2 200 coveoua.js Show response
static.cloud.coveo.com/coveo.analytics.js/ 31 KB
8 KB 65ms
7ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 09 Feb 2018 20:37:46 GMT
server: AmazonS3
age: 26649
etag: W/"7d3657d1b0dc810784fc68dd61ac0372"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
date: Thu, 09 Sep 2021 16:59:55 GMT
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2AdAAaATIhwzIfVfEiFe64yOQ_7roEu9EwkV61wLxUxg6nlKDkFgvg==

GET
H2 200 org-logo.png
www.sanfordhealth.org/-/media/org/site-logo/ 2 KB
2 KB 515ms
514ms Image
image/png 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sanfordhealth.org/-/media/org/site-logo/org-logo.png?w=175&h=44&hash=E91B3FF0A67F4392F781F7532C8D25CCD44C2393

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

052ae1792f870a73fdf593991e77fe50c472c63fd21055a3697d4b0ab80bec55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /-/media/org/site-logo/org-logo.png?w=175&h=44&hash=E91B3FF0A67F4392F781F7532C8D25CCD44C2393
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
expires: Fri, 17 Sep 2021 00:23:29 GMT
last-modified: Mon, 17 Feb 2020 19:40:28 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:28 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: private, max-age=604800
x-azure-ref: 0gaU6YQAAAABmlA+MMDwBTKG1/VHE6F7FRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0gaU6YQAAAAAjqQkUkgljSo+F+zc+mrsBTE9OMjFFREdFMDIxNwBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
content-length: 1685
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 CoveoFullSearch.css
static.cloud.coveo.com/searchui/v2.9159/css/ 477 KB
51 KB 9ms
9ms Stylesheet
text/css 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.9159/css/CoveoFullSearch.css
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35a5190dd8f31ea8e9d9dc19ecfecfd3a851ddc4fda47009bea8927096f68598

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: .JGjybLeEUuC_0qUOIwDZVwvkJ1_kUIh
content-encoding: gzip
etag: W/"29a241bbc40483ff82d40387f5d1532f"
age: 18388
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 19:03:32 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 19:17:02 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: DygnqchY619BQl0wBNca2XxuoPUZWFcwjmjo4anXJ8HR03xbCs5vyA==

GET
H2 200 CoveoForSitecore.css
static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/css/ 3 KB
1 KB 15ms
15ms Stylesheet
text/css 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/css/CoveoForSitecore.css
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eeb11bd521b056e3353924df9585403d013b2ccca5122db56ae4272816bfc349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: HITX2..kp4qWAnXSckRX5e.nbn1buvzx
content-encoding: gzip
etag: W/"cc29b982e891149cbcba84be767da325"
age: 84974
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 15:22:59 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 00:47:16 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rlVSpYgcBtyR47VaoU-gMWLtdYpx6waq7WowziQoWotC6HRkjPLB0Q==

GET
H2 200 CoveoJsSearch.Lazy.min.js Show response
static.cloud.coveo.com/searchui/v2.9159/js/ 725 KB
201 KB 14ms
12ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0451aa5fab1b63f58a03c1435e3ae0a73c57c6b3ef584af002c82f8d89050af0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 0nuJAf6pQeVrN_uX0GS52cbIPaRVtl01
content-encoding: gzip
etag: W/"05389e00c450b8ea88d529099215206b"
age: 72074
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 19:03:04 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 04:23:11 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qsNZnvsEyJ4YyGspZar2bIjmqLEuyoc0i0MtDB8n7vJA3vFuqPvp9g==

GET
H2 200 CoveoForSitecore.Lazy.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/ 51 KB
11 KB 24ms
21ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecore.Lazy.min.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dcc4d7b5d87c2cacfa9362308b326f65556b56f7ff33166c82d7640df27f1cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 6xlPHWJLHwFq4LO83t_PmyN1IsIylEzN
content-encoding: gzip
etag: W/"6e32cddff608465a6d45320b1ea10a92"
age: 39880
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 15:23:00 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 13:19:26 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: p4uixTUpSdBSrGRKpaYk8noKj3r3IIV4LjM8g61c-fRIsIvtxb6qHA==

GET
H2 200 en.js Show response
static.cloud.coveo.com/searchui/v2.9159/js/cultures/ 69 KB
17 KB 24ms
22ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.9159/js/cultures/en.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23a633212addaecd6edef9a14b775570db16a1484b26d0cd340d27ab82ca0c97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: i4lTmsU3o2SZ3FJVicmEOP6lCWZJaknr
content-encoding: gzip
etag: W/"79fa6a26c5e9dc273c29b631b2be5496"
age: 66891
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 19:03:01 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 05:53:37 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: EIikangeVX4m3zHYXdJfxM6VHyHKCYiFsDqC8yLyzd-kY13oXRIylQ==

GET
H2 200 find-a-doctor-box.js Show response
www.sanfordhealth.org/Scripts/ 661 B
947 B 13ms
11ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/Scripts/find-a-doctor-box.js

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

4d588eecc20522ade7e98d72df67917c8fcd7c8c6da9e9656179a05417687993

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /Scripts/find-a-doctor-box.js
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
last-modified: Tue, 29 Jun 2021 14:00:19 GMT
server: Microsoft-IIS/8.5
etag: "d15aa118ef6cd71:0"
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: max-age=604800
date: Fri, 10 Sep 2021 00:23:28 GMT
x-azure-ref: 0gaU6YQAAAABKxSZd8a1ISrb76P/NdLr4RlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0PtM1YQAAAABXn9UlBv+7QIzdlSA7az13TE9OMjFFREdFMDEwNgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
accept-ranges: bytes
content-length: 661
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 sanford-health-logo.png
www.sanfordhealth.org/-/media/org/site-logo/ 2 KB
2 KB 553ms
551ms Image
image/png 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sanfordhealth.org/-/media/org/site-logo/sanford-health-logo.png?h=44&la=en&w=175&hash=F2C60AC2F97EE0C211A58428AC0C95FE0F2BF857

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ca9ae0595c4328fe3d30f7387086778b27d3523c1774882b0e8ef83c5de99267

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /-/media/org/site-logo/sanford-health-logo.png?h=44&la=en&w=175&hash=F2C60AC2F97EE0C211A58428AC0C95FE0F2BF857
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
expires: Fri, 17 Sep 2021 00:23:29 GMT
last-modified: Mon, 17 Feb 2020 19:44:14 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:29 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/png
access-control-expose-headers: Request-Context
cache-control: private, max-age=604800
x-azure-ref: 0gaU6YQAAAAC1UhXajgEdQZbae/0xrFu6RlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0gaU6YQAAAAC803zIqNIHRbtjWZ+pUWxbTE9OMjFFREdFMDIxMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
content-length: 1776
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 sanford-service-body.min.js Show response
www.sanfordhealth.org/Scripts/ 518 KB
129 KB 23ms
21ms Script
text/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/Scripts/sanford-service-body.min.js?v=gNkrIO6VZzK7QQ0Bwyx7XBBGb1CE1NDtGHDays_51r01

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

46506590be62fc82707f9ad3183a6e0fd9c114e2500cdf51c85a352a7e298b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /Scripts/sanford-service-body.min.js?v=gNkrIO6VZzK7QQ0Bwyx7XBBGb1CE1NDtGHDays_51r01
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
content-encoding: br
vary: User-Agent
expires: Wed, 07 Sep 2022 01:19:48 GMT
last-modified: Tue, 07 Sep 2021 01:19:48 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:28 GMT
x-frame-options: SAMEORIGIN
x-cache: TCP_HIT
content-type: text/javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: public
x-azure-ref: 0gaU6YQAAAADN96s1fPdfRqOvD99rYJ3jRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0Jvo2YQAAAAC1Mi+QFQoQTrr/tdcIA6ycTE9OMjFFREdFMDIxNABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 jquery.lazy.min.js Show response
cdn.jsdelivr.net/jquery.lazy/1.7.5/ 5 KB
3 KB 54ms
16ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery.lazy/1.7.5/jquery.lazy.min.js

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26650
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19141-FRA, cache-mxp6974-MXP
timing-allow-origin: *
server: cloudflare
etag: W/"1392-jt9bla4L+gvh4f5ZyiOxGz/05wc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 68c482082c0c01fc-ZRH

GET
H2 200 main.bundle.js Show response
dhan-sana-cdn.azureedge.net/ 775 KB
229 KB 102ms
7ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://dhan-sana-cdn.azureedge.net/main.bundle.js

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F94) /

Resource Hash

f6b36645ffa991c45e68593f334d71e6aeebba16aeca387778132c51d6e3e987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
vary: Accept-Encoding
content-md5: lzyOgJSFNTWST+o/tgtziA==
age: 580481
x-cache: HIT
content-length: 234410
x-ms-lease-status: unlocked
last-modified: Mon, 12 Jul 2021 06:52:05 GMT
server: ECAcc (frc/8F94)
etag: 0x8D945018FA1182B
strict-transport-security: max-age=31536000
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8672b3f1-c01e-001f-2a92-a01ff8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 146 KB
48 KB 72ms
58ms Script
text/javascript 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

8dcca90a34c687ae293e7d56e8acb7a77f0cf913048173f34d3c03e7ba7a98ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=27
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48608
x-xss-protection: 0
expires: Fri, 10 Sep 2021 00:53:29 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 341 KB
78 KB 116ms
50ms Script
application/javascript 2a00:1450:400a:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M783

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::2008 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6fb7c4edc2eeb1a0d5c47b17b1038189acd38fa7d07ea58a3432098075bd0d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79075
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Sep 2021 00:23:29 GMT

OPTIONS
H/1.1 200
OK view
usageanalytics.coveo.com/rest/v15/analytics/ Frame 0
0 433ms
103ms Preflight 54.161.185.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Protocol

HTTP/1.1

Server

54.161.185.208 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-185-208.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Origin, Accept, X-Requested-With, Content-Type
Access-Control-Allow-Methods: HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH
Access-Control-Allow-Origin: https://www.sanfordhealth.org
Access-Control-Max-Age: 3600
Date: Fri, 10 Sep 2021 00:23:29 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
Vary: Origin
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK view Show response
usageanalytics.coveo.com/rest/v15/analytics/ 117 B
869 B 451ms
159ms Fetch
application/json 54.161.185.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usageanalytics.coveo.com/rest/v15/analytics/view

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveo.analytics.js/coveoua.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.161.185.208 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-161-185-208.compute-1.amazonaws.com

Software

Resource Hash

f462c03ba3e54ebbd19059133ff2ea90678bdc8de6fbf3fc453d8995b3c3003b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer xxf7c94658-1444-4b8f-b748-4026331016b7
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 10 Sep 2021 00:23:30 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Vary: Origin
Connection: keep-alive
P3P: CP="-"
Access-Control-Allow-Origin: https://www.sanfordhealth.org
Cache-Control: no-cache,no-store,must-revalidate,private
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=16070400; includeSubDomains, max-age=16070400; includeSubDomains
Content-Type: application/json
Content-Length: 117
X-XSS-Protection: 1; mode=block
Expires: Thu Jan 01 00:00:00 UTC 1970

GET
H2 200 svg-sprite.svg
www.sanfordhealth.org/ 350 KB
350 KB 12ms
11ms Other
text/xml 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/svg-sprite.svg

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

c31913259475369ec49a9188e2aea68e4adfbbb5beffb2d06f5e0e6b327cc643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains

Request headers

:path: /svg-sprite.svg
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:28 GMT
x-azure-ref: 0gaU6YQAAAABg7CcYSDMsT4bHYl9RhmzVRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-cache: TCP_HIT
content-type: text/xml; charset=utf-8
cache-control: public, max-age=3600
x-azure-ref-originshield: 0mqE6YQAAAABQlFA2JXSSQ7QO1hzxENl0TE9OMjFFREdFMDIxMQBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 73ms
12ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 03:25:25 GMT
x-content-type-options: nosniff
age: 593884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 03:25:25 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 78ms
17ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 07:40:49 GMT
x-content-type-options: nosniff
age: 578560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 07:40:49 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 80ms
20ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 12:57:40 GMT
x-content-type-options: nosniff
age: 300349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 12:57:40 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
487 B 29ms
28ms Stylesheet
text/css 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/css/CoveoFullSearch.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.cloud.coveo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 00:02:09 GMT
server: ESF
date: Fri, 10 Sep 2021 00:23:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Sep 2021 00:23:29 GMT

GET
H2 200 token Show response
www.sanfordhealth.org/coveo/rest/ 353 B
594 B 546ms
546ms Fetch
application/json 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sanfordhealth.org/coveo/rest/token

Requested by

Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecore.Lazy.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

679be677a028472f2095e15326628ce2723a76e474bc21df464decd647384b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /coveo/rest/token
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:29 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: application/json; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private
x-azure-ref: 0gaU6YQAAAABJMWp5CI4KTJdecjqw6RXlRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0gaU6YQAAAAAr4wWHnZ/JRYJ0htDygGgWTE9OMjFFREdFMTUxMgBjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
content-length: 353
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 019041-01721p-covid-flu-vaccine-1375x559.jpg
www.sanfordhealth.org/-/media/org/images/homepage/ 67 KB
67 KB 893ms
892ms Image
image/jpeg 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sanfordhealth.org/-/media/org/images/homepage/019041-01721p-covid-flu-vaccine-1375x559.jpg?w=1375&h=559&hash=C90AC5004BB7F0956C8BB11B996546E0173CA3E1

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:bdf::60 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

83d4e6099a6321789195f5a0d9ed9577c1a9e0f60a8afc6228619dff665d55b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

:path: /-/media/org/images/homepage/019041-01721p-covid-flu-vaccine-1375x559.jpg?w=1375&h=559&hash=C90AC5004BB7F0956C8BB11B996546E0173CA3E1
pragma: no-cache
cookie: ASP.NET_SessionId=elwtv0g55kavtala2sosy4pl
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.sanfordhealth.org
referer: https://www.sanfordhealth.org/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=300; includeSubDomains
expires: Fri, 17 Sep 2021 00:23:29 GMT
last-modified: Tue, 31 Aug 2021 21:21:44 GMT
server: Microsoft-IIS/8.5
date: Fri, 10 Sep 2021 00:23:29 GMT
x-frame-options: SAMEORIGIN
x-cache: PRIVATE_NOSTORE
content-type: image/jpeg
access-control-expose-headers: Request-Context
cache-control: private, max-age=604800
x-azure-ref: 0gaU6YQAAAADjBjXWER2kRIBGDVbzpwuvRlJBRURHRTEwMTAAYzEzNzNiYjUtYmY2NC00ZTNhLTkxYTAtMGQzZTg3NmFlZTYx
x-azure-ref-originshield: 0gaU6YQAAAABGc8irPxDDTodtkSC6l1b2TE9OMjFFREdFMDIyMABjMTM3M2JiNS1iZjY0LTRlM2EtOTFhMC0wZDNlODc2YWVlNjE=
content-length: 68110
request-context: appId=cid-v1:7f5acbab-b715-48b0-8a6b-8a3d41110f06

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 14ms
12ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 01:53:47 GMT
x-content-type-options: nosniff
age: 167382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:24:04 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 01:53:47 GMT

GET
H/1.1 200
OK 4b8355fa4f45dbd66cfbfb8faf2f5bed.png
dhanprodfrontend.blob.core.windows.net/sana/ 6 KB
7 KB 716ms
130ms Image
image/png 52.239.234.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dhanprodfrontend.blob.core.windows.net/sana/4b8355fa4f45dbd66cfbfb8faf2f5bed.png
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.234.100 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 04010bcf888f07211603623d130f5c0bb367522026ec7e7c40df800652535b4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 10 Sep 2021 00:23:29 GMT
Last-Modified: Thu, 09 Sep 2021 06:56:25 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: cFLTqNXUUa9mSS7dZrTelQ==
ETag: 0x8D9735EF1212198
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: c5d5bab6-a01e-004b-3eda-a5f572000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 6045

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
51 KB 37ms
36ms Script
application/javascript 2a00:1450:400a:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JSE8FM168H&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::2008 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a87a192d04d559e1c458e38d51977a3121aa30e67d396022926cad9f1e36cc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51734
x-xss-protection: 0
expires: Fri, 10 Sep 2021 00:23:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 297ms
13ms Script
text/javascript 2a00:1450:400a:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 5622
date: Thu, 09 Sep 2021 22:49:47 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 10 Sep 2021 00:49:47 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 307ms
24ms Script
application/javascript 151.101.240.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.240.157 Milan, Italy, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
via: 1.1 varnish
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
age: 3859
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-timer: S1631233410.914479,VS0,VE0
x-served-by: cache-mxp6982-MXP

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 308ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 7C440B58C231452D913545FDA7508196 Ref B: FRAEDGE1507 Ref C: 2021-09-10T00:23:29Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H2

200

activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F Show response
10083857.fls.doubleclick.net/ Frame 51CF
Redirect Chain

https://10083857.fls.doubleclick.net/activityi;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?
https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F...

492 B
561 B

28ms
28ms

Document
text/html

172.217.168.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.168.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s14-in-f6.1e100.net

Software

cafe /

Resource Hash

6c2caca98e591256ef0ae6a2a4f5b57a3f7573338f3daa6dbad35a466748bd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10083857.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.sanfordhealth.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Sep 2021 00:23:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 10-Sep-2021 00:38:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Sep 2021 00:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ytag.min.js Show response
assets.sitescdn.net/ytag/ 4 KB
2 KB 275ms
18ms Script
application/javascript 2606:4700::6812:7034
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.sitescdn.net/ytag/ytag.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:7034 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf7b4335f93390740535b1e55da9296acbda0b1740ab5d0be17d75cfe32ebfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 14 Jun 2021 15:45:54 GMT
server: cloudflare
age: 1413
etag: W/"2c59d483e66e9b95db2f13a78bbb50de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 68c4820bfdddcc4e-ZRH
x-amz-request-id: 3PJZYAKXH8V6K6JT
x-amz-id-2: zTut5gf8eYDc1ZEfNxEwDTNLXJI3S2aJzzTfPKhqmMG6dZzqWmcuyRLFEJbCHvE6zFtLoFr5N7g=

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 268ms
12ms Script
application/x-javascript 2a02:26f0:f3:58f::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f3:58f::25ea Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 10 Sep 2021 00:23:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Aug 2021 21:34:05 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=26023
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 260ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: LhHJ0vRnPl1ZEmpKoxLzkGuHLdZwt5HkUZYO+i9WT0qlMrsE+EIqi292OkqCZj0JLPrWyhaPuI+b+i95fYuH6A==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Sep 2021 00:23:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_18499.js Show response
siteimproveanalytics.com/js/ 24 KB
9 KB 315ms
62ms Script
application/javascript 2606:4700:3031::ac43:91b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_18499.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822586c49e7dd3b41a08df641fdb3381b3a5b75cabe56dd47778997515ba0e81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: P79E6HHJ8Z3H51DZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8237
x-amz-id-2: pIt/y1MRPQL60hvG+R3ZIOXnZ4KgdHh1TLb011GwWphQRi04BuhIMcnWeO0wm58zH2L3L9MX0UU=
last-modified: Fri, 03 Sep 2021 14:37:59 GMT
server: cloudflare
etag: "ecc389ef03d81a54ee354edd03702075"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNXV3uzxWl4mUcyYeK2FGol7FXlTFSliP4N3ZqDFOImSdvrCCyLr1rpQFvDwN5VcNUXWK06frNscKFI9gd9JiVeqFZ5%2BGV0RPgaOI%2B2s9uAHc5Pif96tnRjCxfBMqF5jFzQ7ckh2ygA3YAhyLt9wd3lbKNhVpBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 68c4820bfbd0f9da-PRG

GET
H2 200 2204273.js Show response
js.hs-scripts.com/ 2 KB
978 B 665ms
412ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2204273.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b5abbe94295d461adbd4a3a906549b27f1aed104a9ea1e78cf11d7409c99c3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: 2fc1bb66-85fe-4703-8406-c530aec1c083
x-trace: 2BA34AA4AE54E3A5B95A5BFC0D55F18E9C977A8537000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.sanfordhealth.org
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 68c4820bf82acc56-ZRH
expires: Fri, 10 Sep 2021 00:24:30 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 276ms
28ms Script
application/javascript 2a04:4e42:39::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:39::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
fastly-restarts: 1
x-cdn: fastly
etag: "d281f5ef4add283680ff41edc6dd28c4"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 3v39v7nl98 Show response
www.clarity.ms/tag/ 580 B
951 B 352ms
101ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/3v39v7nl98
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0e0fbcb50f25d7d9fa20b20f7d4bf3e2f006a1205c00f4605fae33b781bf1fff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
x-powered-by: ASP.NET
x-azure-ref: 0gaU6YQAAAADlQ23I/pBBT6gJOm0ulY5OTFRTRURHRTEzMTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 activityi;register_conversion=1;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
10083857.fls.doubleclick.net/ 0
0 182ms
41ms Image
text/html 172.217.168.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10083857.fls.doubleclick.net/activityi;register_conversion=1;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.168.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s14-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 17092940.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 79ms
19ms Script
text/javascript 151.101.242.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/17092940.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.242.109 Milan, Italy, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
age: 7944181
x-cache: HIT
x-cache-hits: 5533
content-length: 5692
x-served-by: cache-mxp6972-MXP
x-vimeo-dc: ge
last-modified: Thu, 10 Jun 2021 00:11:28 GMT
server: Apache
x-timer: S1631233410.989346,VS0,VE0
etag: "43e3-5c45e3b838c00"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2031 01:40:29 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
175 B 25ms
24ms Ping
text/plain 2a00:1450:400a:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JSE8FM168H&gtm=2oe910&_p=1050228668&sr=1600x1200&ul=en-us&cid=1373797448.1631233410&_s=1&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&dt=Sanford%20Health%3A%20Health%20Lives%20Here&sid=1631233409&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JSE8FM168H&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400a:808::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanfordhealth.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D227780%26time%3D1631233409922%26url%3Dhttps%253A%252F%252Fwww.sanfordhealth.org%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true&e_ipv6=AQImfZu6tg0oLQAAAXvNFobuIO5lWpCzoembgFCiFk7NgF0zcY3vx-BCs...

0
156 B

393ms
181ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true&e_ipv6=AQImfZu6tg0oLQAAAXvNFobuIO5lWpCzoembgFCiFk7NgF0zcY3vx-BCsvFe-tU2eSCdSgs
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: OjyzESVOoxaw38Y7nysAAA==

Redirect headers

date: Fri, 10 Sep 2021 00:23:30 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=227780&time=1631233409922&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&liSync=true&e_ipv6=AQImfZu6tg0oLQAAAXvNFobuIO5lWpCzoembgFCiFk7NgF0zcY3vx-BCsvFe-tU2eSCdSgs
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: zH8t+yROoxYQHUf4wioAAA==

GET
H2 200 158452134738346 Show response
connect.facebook.net/signals/config/ 310 KB
89 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/158452134738346?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d024ff5523855acc035f44d88b7b87588e1c2b2f20916a04f88677f6963ba76

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tZKeOcZcWKyMhzWixS3ZO38MCLWDY3rfoyn8wUNhZtlpVzZn41TwqsAAfEjtylZveWhTZts+mE8HC4jYQrK/hQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Sep 2021 00:23:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Searchbox.min__a95d470104d1a4fbb30e.js Show response
static.cloud.coveo.com/searchui/v2.9159/js/ 96 KB
22 KB 8ms
7ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/searchui/v2.9159/js/Searchbox.min__a95d470104d1a4fbb30e.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/searchui/v2.9159/js/CoveoJsSearch.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0b4500151e7f7dd327f30d9b503b361d8fb59cc68520783306dfa13615283ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: uQ4qAuqY2vk_WYDTSkeb9zXQi9uk.T5l
content-encoding: gzip
etag: W/"3d2c164fe997b738f3fb3afdd98b0402"
age: 63729
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Thu, 30 Jul 2020 19:03:04 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 06:41:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 1JRudm5iW_VxbK5LfoezAtSH904Hk0ViVoH-5mYAh0JxNLYqlfmNiQ==

GET
H2 200 CoveoForSitecoreConfigureSearchHub.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/ 1 KB
1 KB 9ms
8ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecoreConfigureSearchHub.min.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3adfaa9910b7ffe1cdade00c342d2593833e7cefd9093ce3b5eb5dca8cb59345

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: Wuo0WzFM8X5lbAj9zPtokb7eHKZQ2TcQ
content-encoding: gzip
etag: W/"4690e5811a9f396364b67a3aff84eaa8"
age: 23779
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 15:23:01 GMT
server: AmazonS3
date: Thu, 09 Sep 2021 17:52:08 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: kqY-1iMpXayBhbzu66IP_28A2IuoGh9sCDgk_V2nQjVPD9U4wJgJ-Q==

GET
H2 200 CoveoForSitecoreExpressions.min.js Show response
static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/ 2 KB
1 KB 18ms
18ms Script
application/javascript 143.204.207.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecoreExpressions.min.js
Requested by: Host: static.cloud.coveo.com
URL: https://static.cloud.coveo.com/coveoforsitecore/ui/v0.45.4/js/CoveoForSitecore.Lazy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-4.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23bfcecbdebbd0141036e613fd3677defae7d220f3da99692023d8915b738540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 11:03:06 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 48024
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 15:23:01 GMT
server: AmazonS3
etag: W/"379377ff228e5fb54429e147121e454e"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: _c3B1DreZphBPcUPkgSpZFpZ0Z3Sa_LJ
via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: cm3Ib06Y89d6SVieKazktRvB9-FBt5UAspvK-6cmUFfLTYiHHSgbCw==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 13ms
13ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 04:38:36 GMT
x-content-type-options: nosniff
age: 589493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 04:38:36 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 25ms
25ms XHR
text/plain 2a00:1450:400a:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1050228668&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%3A%20Health%20Lives%20Here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=568062651&gjid=2076214376&cid=1373797448.1631233410&tid=UA-17672572-1&_gid=1727096124.1631233410&_r=1&gtm=2wg910M783&z=371299802

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sanfordhealth.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.89cd5bf4.js Show response
s.pinimg.com/ct/lib/ 49 KB
17 KB 30ms
30ms Script
application/javascript 2a04:4e42:39::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:39::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: gzip
fastly-restarts: 1
x-cdn: fastly
etag: "6deee3ea7ecc4a5d9687c1bd57018c16"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
content-length: 17418
access-control-expose-headers: X-CDN

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 13ms
13ms Font
font/woff2 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 15:53:09 GMT
x-content-type-options: nosniff
age: 203420
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 15:53:09 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 150ms
121ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=ny7yf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.sanfordhealth.org%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 10 Sep 2021 00:23:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bf9a9c1cfc9226df39e8c42cc3ee2777b06b9308206633bafbb168679f5594a3
x-transaction: 4e7595723ba0ba96
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 147ms
119ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=ny7yf&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.sanfordhealth.org%2F

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 10 Sep 2021 00:23:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e23c8ba32a1f5a15b6c8c62af64beed78f76298033efc161eda796dcf7c4af8b
x-transaction: 113604b0e2dd43a7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 15005885.js Show response
bat.bing.com/p/action/ 0
109 B 154ms
154ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/15005885.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 10 Sep 2021 00:23:30 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: 2045DCCC8A794D57A28C1375695F7D50 Ref B: FRAEDGE1507 Ref C: 2021-09-10T00:23:30Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
172 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=15005885&tm=gtm002&Ver=2&mid=8110cb2f-17cc-499e-a8af-9ed902ed961a&sid=5300bcc011cd11ecb8470176953617d3&vid=5300d2a011cd11ec83b635ff5f2c3467&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sanford%20Health%3A%20Health%20Lives%20Here&p=https%3A%2F%2Fwww.sanfordhealth.org%2F&r=&lt=2482&evt=pageLoad&msclkid=N&sv=1&rn=73869
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 28C291F6BC1B48AC8A4AD8E707568676 Ref B: FRAEDGE1507 Ref C: 2021-09-10T00:23:30Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
467 B 68ms
14ms XHR
text/plain 2a00:1450:4013:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-17672572-1&cid=1373797448.1631233410&jid=568062651&gjid=2076214376&_gid=1727096124.1631233410&_u=YADAAAAAAAAAAC~&z=188713890

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c00::9d Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Sep 2021 00:23:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.sanfordhealth.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 63ms
15ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:29 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
213 B 825ms
825ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 7330FFE1-94A2-4A75-B77A-218D7D4139F7
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-b/s/0.6.22/ 50 KB
22 KB 101ms
100ms Script
application/javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-b/s/0.6.22/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3v39v7nl98
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:29 GMT
content-encoding: br
etag: "1d79aca95ebc60b"
last-modified: Thu, 26 Aug 2021 22:34:52 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0gqU6YQAAAABAeazzTyGITIX9XDXWFuPnTFRTRURHRTEzMTIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&RedC=c.clarity.ms&MXFR=17D68E5DA1F7616F161F9EF3A5F76FB5
https://c.clarity.ms/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&MUID=2AF7D53E6B5061E23885C5906A3B6003

42 B
357 B

31ms
31ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&MUID=2AF7D53E6B5061E23885C5906A3B6003
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
last-modified: Fri, 02 Jul 2021 16:12:32 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "9d284f105d6fd71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
x-msedge-ref: Ref A: A972CE118C4546D2BADC3588C1C5C837 Ref B: FRAEDGE1507 Ref C: 2021-09-10T00:23:30Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E0AD3623BB254C4784FFB3741B6B9937&MUID=2AF7D53E6B5061E23885C5906A3B6003
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 492 B
731 B 75ms
34ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613660636112&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1631233410054
Requested by: Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: gzip
referrer-policy: origin
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sanfordhealth.org
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
pin-unauth: dWlkPVpETmlZMlV3TmpFdE5UYzNNUzAwWldKaExXSmtPVE10Tnpnd056bG1ZVFE1TlRaaw
x-pinterest-rid: 1256075041289936
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
content-length: 347
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
93 B 75ms
34ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613660636112&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1631233410055
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 1019170890694308
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK image.aspx
18499.global.siteimproveanalytics.io/ 34 B
650 B 90ms
7ms Image
image/gif 52.28.224.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://18499.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.sanfordhealth.org%2F&title=Sanford%20Health%3A%20Health%20Lives%20Here&res=1600x1200&accountid=18499&rt=2988&prev=8edea663-e717-8283-e5e8-fcc76b0d712e&luid=da4be6b4-6e74-7ade-d469-3693e7abc098&rnd=35373
Requested by: Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.224.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-224-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 10 Sep 2021 00:23:30 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Fri, 10 Sep 2021 00:23:30 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H2 200 262187534856933 Show response
connect.facebook.net/signals/config/ 309 KB
88 KB 78ms
78ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/262187534856933?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01ab8e0408dad7d8230399973a3a3ef3f9df1a995d25f3f86508edfb4fec8e92

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: mhGbiR1Xv9QM05E8tRREwe8elfVEuIN3H1pHbUbyKjpIM1JKQv0pfScV7eMDQr2v0jX6jjfrV15743/yS/pdew==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Sep 2021 00:23:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 58ms
15ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=PageView&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233410093&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&exp=p1&rqm=GET

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 89ms
28ms Image
image/gif 2a00:1450:400a:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-17672572-1&cid=1373797448.1631233410&jid=568062651&_u=YADAAAAAAAAAAC~&z=117560048

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2004 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 82ms
29ms Image
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-17672572-1&cid=1373797448.1631233410&jid=568062651&_u=YADAAAAAAAAAAC~&z=117560048

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 13ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:29 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 819ms
819ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 671E295D-1C1F-40A0-8415-1A9BBEB6DC72
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
197 B 45ms
32ms XHR
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/md/
Requested by: Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:30 GMT
referrer-policy: origin
x-cdn: fastly
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1662224073076103
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F Show response
adservice.google.com/ddm/fls/i/ Frame 7D6B 491 B
873 B 117ms
51ms Document
text/html 2a00:1450:400a:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F

Requested by

Host: 10083857.fls.doubleclick.net
URL: https://10083857.fls.doubleclick.net/activityi;dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::2002 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

192a2afe1a290d112ca4157406867c6bc6b65160df7d41a07fa2a566c82f9264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10083857.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://10083857.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Sep 2021 00:23:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 383
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 746ms
746ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 45D42181-4EBE-42F3-84A2-537351CA3EF4
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 53ms
53ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:29 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
164 B 912ms
912ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: C6123EFC-CDB0-478B-8537-C744CC909EF9
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 48ms
48ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:29 GMT
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 16ms
15ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262187534856933&ev=PageView&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233410215&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&exp=p1&rqm=GET

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:30 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
180 B 414ms
203ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.sanfordhealth.org
date: Fri, 10 Sep 2021 00:23:29 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F Show response
adservice.google.de/ddm/fls/i/ Frame 2196 194 B
931 B 105ms
52ms Document
text/html 2a00:1450:400a:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2002 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CNyI0P-R8_ICFQ8L4Aodee0DWA;src=10083857;type=pagev0;cat=pagev0;ord=2215392043604;gtm=2wg910;auiddc=1911095417.1631233410;ps=1;~oref=https%3A%2F%2Fwww.sanfordhealth.org%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 10 Sep 2021 00:23:30 GMT
expires: Fri, 10 Sep 2021 00:23:30 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 2204273.js Show response
js.hs-banner.com/ 63 KB
16 KB 73ms
20ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2204273.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a55dbc4b6340a0234161362dbba78ab92a6751c8a992d97e380a52791aaee0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 68
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: 323DPN2XQ4HAZCWC
x-amz-id-2: tmN2BOz6QwsGpPBLDRbljECRHTY2oGpX9eD3KY+gdqJe2/F4+K9SYoLkEgs/wGyN3sCv3xAh4ic=
timing-allow-origin: *
last-modified: Fri, 03 Sep 2021 19:34:17 GMT
server: cloudflare
etag: W/"d29f32ca380a1863a60981bcd04d9d19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 3xp90._w1iSIR5dXU2e9U5oUgIpd8O9N
access-control-allow-origin: https://news.sanfordhealth.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 68c4820eeb2c0225-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 10 Sep 2021 00:27:22 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 55ms
17ms Script
application/javascript 2606:4700::6811:71b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00b4e498e234c71b14fba50f7be5190e5361e3a9d8345926b40c553295d2f2a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
via: 1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 312
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.243/bundles/pixels-release.js&cfRay=68c47a6daa10cc5a-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 07 Sep 2021 01:31:17 UTC
server: cloudflare
etag: W/"b2c78dd7d31336706445638fc639a215"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: S6FQeL9Scofdyk064pc4GFuLvEJ_FwbW
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 68c4820ec8500219-ZRH
x-amz-cf-id: i0Nk1p1EnrAQ2kkE_tq2kkhUh-HB0XVUFG2QicoqUVN8J9aszVyuxA==
x-hs-target-asset: adsscriptloaderstatic/static-1.243/bundles/pixels-release.js

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
87 KB 71ms
32ms Script
application/javascript 2606:4700::6811:eacc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6

Request headers

Referer: https://www.sanfordhealth.org/
Origin: https://www.sanfordhealth.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
via: 1.1 ac28147bf6a75debb0811f62b6224e6f.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 67402
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js&cfRay=68be14811c2f2355-EWR
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 68c4820ecc6c01e3-ZRH
last-modified: Wed, 01 Sep 2021 08:32:41 UTC
server: cloudflare
etag: W/"06b9cc0a137bb12ab3bdef2f5d9c59e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: sGyMCPzZ_yO5cY5tFaL3Y3aSs3R6Eatx
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: w1bLFCiu2EcqbJzaXiRgWZx3R8nh9p-HsJ9M6hZOfL3kjiRbg5H9Jw==
x-hs-target-asset: lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js

GET
H2 200 2204273.js Show response
js.hs-analytics.net/analytics/1631233200000/ 64 KB
20 KB 112ms
77ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1631233200000/2204273.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2204273.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d28fcb2fbb34e7b870a724af4b0d56e209e88fba258dbeda1ad093f37f09ce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsKypfcgwCeYG6GNWEzIuPRjhTv46CnA6o7WHsvl503j_FIlDhruj5rPyUolOpRj3jX86_NK5PwETav9Wom8zo
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
last-modified: Fri, 27 Aug 2021 20:33:26 GMT
server: cloudflare
etag: W/"8fe728972743a35683fc665905ace4e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=LgeM+Q==, md5=j+colydDo1aD/GZZBazk4g==
x-goog-generation: 1630096406695728
cache-control: max-age=300, public
access-control-allow-credentials: false
x-goog-stored-content-length: 65317
cf-ray: 68c4820ecc3701eb-ZRH
expires: Fri, 10 Sep 2021 00:28:30 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 16ms
15ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=Microdata&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233410597&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20Health%3A%20Health%20Lives%20Here%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sanford%20Health%3A%20Health%20Lives%20Here%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%3A443%2F-%2Fmedia%2Ffeature%2Fmetadata%2Fsanford-health.jpg%3Fbc%3Dblack%26as%3D0%26h%3D200%26la%3Den%26w%3D382%26hash%3D967EB15D2B379629514EE756E370944D173CC75C%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22MedicalOrganization%22%2C%22legalname%22%3A%22Sanford%20Health%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%22%2C%22telephone%22%3A%22605-333-1000%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%2F~%2Fmedia%2Fsanford-health%2Fimages%2Fsanford-health-logo.png%22%2C%22description%22%3A%22Sanford%20Health%20is%20the%20largest%20medical%20facility%20in%20the%20Fargo%2C%20ND%20and%20Sioux%20Falls%2C%20SD%20regions%2C%20dedicated%20to%20the%20work%20of%20healing.%20We%20partner%20with%20communities%20to%20bring%20health%20and%20healing%20to%20the%20people%20who%20live%20and%20work%20across%20our%20region.%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fsanfordhealth%2F%22%2C%22https%3A%2F%2Ftwitter.com%2FSanfordHealth%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fsanfordhealth%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FSanfordHealth%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:30 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 14ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
162 B 227ms
227ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: C426BC4F-8A99-4760-9E19-343821488B05
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 16ms
15ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262187534856933&ev=Microdata&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233410716&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sanford%20Health%3A%20Health%20Lives%20Here%20%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Sanford%20Health%3A%20Health%20Lives%20Here%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%3A443%2F-%2Fmedia%2Ffeature%2Fmetadata%2Fsanford-health.jpg%3Fbc%3Dblack%26as%3D0%26h%3D200%26la%3Den%26w%3D382%26hash%3D967EB15D2B379629514EE756E370944D173CC75C%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22MedicalOrganization%22%2C%22legalname%22%3A%22Sanford%20Health%22%2C%22url%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%22%2C%22telephone%22%3A%22605-333-1000%22%2C%22logo%22%3A%22https%3A%2F%2Fwww.sanfordhealth.org%2F~%2Fmedia%2Fsanford-health%2Fimages%2Fsanford-health-logo.png%22%2C%22description%22%3A%22Sanford%20Health%20is%20the%20largest%20medical%20facility%20in%20the%20Fargo%2C%20ND%20and%20Sioux%20Falls%2C%20SD%20regions%2C%20dedicated%20to%20the%20work%20of%20healing.%20We%20partner%20with%20communities%20to%20bring%20health%20and%20healing%20to%20the%20people%20who%20live%20and%20work%20across%20our%20region.%22%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fsanfordhealth%2F%22%2C%22https%3A%2F%2Ftwitter.com%2FSanfordHealth%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fsanfordhealth%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2FSanfordHealth%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.sanfordhealth.org
URL: https://www.sanfordhealth.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:30 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 67 B
959 B 469ms
426ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2204273

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20330aa955d769c42ecbdb4e1c6208986cbd87e25fbbd258945cfa2b9dc2bf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c1d80a99-4577-45af-aa2c-026293f8867d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
x-trace: 2B790569AB03508EE671AA8040D3CFD75345954501000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERvCXH3zZjrMtgDPDKk%2Fl%2FyrnzGQ81bhFBjY1kBZTS7wUN8ECFLZv1JywpesEuUoT8gGKA3kyL0WakME2KjmVw4gNsoZBUL%2B%2BIIBHjmP4Xb8ANfNIQbm3BzUz0tyZJ6EROMBWU3pf%2Fl1CORm"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanfordhealth.org
access-control-allow-credentials: false
cf-ray: 68c48214e96401eb-ZRH
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
801 B 97ms
59ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=2204273&pu=https%3A%2F%2Fwww.sanfordhealth.org%2F&t=Sanford+Health%3A+Health+Lives+Here&cts=1631233411305&vi=6352e28ada0f29ecc772fdffc20e963d&nc=true&u=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&b=239181569.1.1631233411302&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e12a7a47-80d9-478e-b10b-464576a4bb4c
cf-ray: 68c48214fdfd021d-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEEof1uVCYiYz%2BdAYzeXbPsv1EsTM8rYhVeCWE%2BGoy0CvoY9dCS5pX5Xv6Km%2Bh0aVUacqVXY6QCum%2BI%2BqKLjP4ZAJi52jfJIg8Hra8Pg5A6b1tZaOslN6dDahQFbbjoO6jHmQshtdZD9yEErcGn8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 14ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
186 B 431ms
431ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fd61bfbcd72021f1215cc671f9eddcb260ccafa762d4694963e70f4b12f32225

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: D2CD3E9C-C73F-49CA-95B2-6E6147B273AA
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:31 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 12ms
12ms Image
image/gif 2a00:1450:400a:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1050228668&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%3A%20Health%20Lives%20Here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=10%25&el=https%3A%2F%2Fwww.sanfordhealth.org%2F&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1373797448.1631233410&tid=UA-17672572-1&_gid=1727096124.1631233410&gtm=2wg910M783&z=1346850689

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 06:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66105
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 13ms
12ms Image
image/gif 2a00:1450:400a:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1050228668&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&ul=en-us&de=UTF-8&dt=Sanford%20Health%3A%20Health%20Lives%20Here&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=scroll-depth&ea=25%25&el=https%3A%2F%2Fwww.sanfordhealth.org%2F&_u=aADAAEABAAAAAC~&jid=&gjid=&cid=1373797448.1631233410&tid=UA-17672572-1&_gid=1727096124.1631233410&gtm=2wg910M783&z=609552712

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:808::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 06:01:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66105
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
1 KB 177ms
138ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2204273&utk=6352e28ada0f29ecc772fdffc20e963d&__hstc=239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1&__hssc=239181569.1.1631233411302&currentUrl=https%3A%2F%2Fwww.sanfordhealth.org%2F

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561f2e8d35f0356435d8885fd8895ce8e1908ac26a9c7bcd55e9da3d1d05cc5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 71a14ec2-bf18-41cc-ae85-6f313b451753
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5zyvCmK4ixGbmgGe1UId%2Bb3mkilnb264fgYCWeNmQ9VJNY8vyAPCvBPWD4jZeZM84DMi%2BAb6ZSp5qDJsjA%2FZzqkZFvkKMUkGfCaNjkPh%2Fn4UYJMYVK2v3u4aQ37zMsaoKXXJ657YGFdeIEbTBrs"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sanfordhealth.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 68c482151cbd0211-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 93ms
93ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.sanfordhealth.org
date: Fri, 10 Sep 2021 00:23:30 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 19ms
19ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 532ms
532ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: BA66C5CB-7793-4E19-A197-245E0C256A6A
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:31 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 13ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:30 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 456ms
456ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 4211935B-D8BC-402B-BC00-51545A54FF35
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:31 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
31ms Script
application/javascript 2a00:1450:400a:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-626964617

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::2008 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf021193a278b56c56741d3699807cb5f631c1e9b10c4c94018554d1c109603a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39262
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Sep 2021 00:23:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 33ms
33ms Script
application/javascript 2a00:1450:400a:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-626964617&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M783

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::2008 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a48f9d07e25c7044984d2e0d828d06dc37a67d1bbf85f883adf16aabfa454d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39268
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Sep 2021 00:23:31 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 13ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:31 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
163 B 572ms
571ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: E5D8E60F-9603-4876-ABB4-9696D6E6E2D6
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:31 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 129ms
67ms Script
text/javascript 142.250.203.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-626964617

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.203.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s16-in-f2.1e100.net

Software

cafe /

Resource Hash

88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
server: cafe
etag: 8182713160943572198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 00:23:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/626964617/ 2 KB
2 KB 100ms
37ms Script
text/javascript 2a00:1450:400a:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/626964617/?random=1631233411957&cv=9&fst=1631233411957&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&tiba=Sanford%20Health%3A%20Health%20Lives%20Here&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::2002 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

598e96a6f0a7558295ca05cc78d45c9390edc8063c7c42b0d554a4bef8da4c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1029
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/626964617/ 42 B
154 B 35ms
34ms Image
image/gif 2a00:1450:400a:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/626964617/?random=1631233411957&cv=9&fst=1631232000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&tiba=Sanford%20Health%3A%20Health%20Lives%20Here&async=1&fmt=3&is_vtc=1&random=303832468&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2004 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/626964617/ 42 B
154 B 31ms
30ms Image
image/gif 2a00:1450:400a:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/626964617/?random=1631233411957&cv=9&fst=1631232000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa910&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.sanfordhealth.org%2F&tiba=Sanford%20Health%3A%20Health%20Lives%20Here&async=1&fmt=3&is_vtc=1&random=303832468&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:803::2003 Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1e15f305a7cc3f4bab6d259440b64042.png
dhanprodfrontend.blob.core.windows.net/sana/ 10 KB
11 KB 122ms
122ms Image
image/png 52.239.234.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dhanprodfrontend.blob.core.windows.net/sana/1e15f305a7cc3f4bab6d259440b64042.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.234.100 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9b51b457ae61d100ce25adb77071b33a7f5ebc359c30f373e88a9323a4f61d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 10 Sep 2021 00:23:34 GMT
Last-Modified: Thu, 09 Sep 2021 06:56:25 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: w+37MYRFubRZYgYfflTQSw==
ETag: 0x8D9735EF1212198
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: c5d5c0a1-a01e-004b-03da-a5f572000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 10287

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ 86 KB
32 KB 14ms
13ms Script
text/javascript 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d039528c2cdfbd9e836c5f23c999f801caf8746cd8c5789bfec09c697b9c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 17:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32054
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 21:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 17:33:52 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/ 288 KB
88 KB 17ms
17ms Script
text/javascript 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&libraries=places&callback=InitializeMap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

134376d0d2e8e3b8333cf504dd9cab6d72bf56387d0230e5ba0d29898961f029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 17:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90354
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 21:18:10 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Sep 2022 17:33:52 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
209 B 62ms
62ms Script
text/javascript 2a00:1450:400a:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.sanfordhealth.org%2F&4sAIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&callback=_xdc_._z920yc&key=AIzaSyDbHfBVCDlzxS2CJvdJZ7UujYMxPhs8JoE&token=19321

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/4/intl/de_ALL/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:801::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6b3b975e6e9ade783069e1f994f2407d36f095c5d14b08812e1b438e167d5f12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 00:23:34 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 17ms
17ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=158452134738346&ev=TimeOnSite0%3A05&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233414658&cd[content_ids]=Time%20On%20Site%200%3A05&cd[content_type]=Timer&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 18ms
18ms Image
image/gif 2a03:2880:f15b:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=262187534856933&ev=TimeOnSite0%3A05&dl=https%3A%2F%2Fwww.sanfordhealth.org%2F&rl=&if=false&ts=1631233414659&cd[content_ids]=Time%20On%20Site%200%3A05&cd[content_type]=Timer&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1631233410091.2091364760&it=1631233409934&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f15b:83:face:b00c:0:25de Zurich, Switzerland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.sanfordhealth.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 00:23:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 00:23:34 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 92ms
92ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.sanfordhealth.org
date: Fri, 10 Sep 2021 00:23:35 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 14ms
13ms Preflight 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.sanfordhealth.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:35 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
185 B 244ms
244ms XHR
application/json 40.114.241.141
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: dhan-sana-cdn.azureedge.net
URL: https://dhan-sana-cdn.azureedge.net/main.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.241.141 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sanfordhealth.org/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: B11C6262-4E72-48E2-A956-FB143E920DE9
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Fri, 10 Sep 2021 00:23:36 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.sanfordhealth.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: elwtv0g55kavtala2sosy4pl
www.sanfordhealth.org/	1970-01-20 05:52:49	Name: ai_user Value: y37h2\|2021-09-10T00:23:29.503Z
.sanfordhealth.org/	1970-01-19 23:16:49	Name: _gcl_au Value: 1.1.1911095417.1631233410
.sanfordhealth.org/	1970-01-20 14:38:25	Name: _ga_JSE8FM168H Value: GS1.1.1631233409.1.0.1631233409.0
.sitescdn.net/	1970-01-19 21:07:15	Name: __cf_bm Value: XEBovbkHutKnilr8Q332E_T9lxKbHeUue9oNy6u3xr4-1631233409-0-AcWaqovsSGXQWgQvRdOMynLeWUyKVuDZxfkB7ITQN0ugyugjoMD6oI8rWfkK0F/RU8JvI/f3fwiF6rKTAOX5jE8=
.bing.com/	1970-01-20 06:28:49	Name: MUID Value: 2AF7D53E6B5061E23885C5906A3B6003
.sanfordhealth.org/	1970-01-20 14:38:25	Name: _ga Value: GA1.2.1373797448.1631233410
.sanfordhealth.org/	1970-01-19 21:08:39	Name: _gid Value: GA1.2.1727096124.1631233410
.sanfordhealth.org/	1970-01-19 21:07:13	Name: _gat_UA-17672572-1 Value: 1
www.clarity.ms/	1970-01-20 05:52:49	Name: CLID Value: f750df2c4221498fa200c2beb40c60b2.20210910.20220910
.sanfordhealth.org/	1970-01-19 21:08:39	Name: _uetsid Value: 5300bcc011cd11ecb8470176953617d3
.sanfordhealth.org/	1970-01-20 06:28:49	Name: _uetvid Value: 5300d2a011cd11ec83b635ff5f2c3467
www.sanfordhealth.org/	1970-01-19 21:07:15	Name: ai_session Value: KdSsI\|1631233410024.2\|1631233410024.2
.sanfordhealth.org/	1970-01-20 21:07:13	Name: nmstat Value: 8edea663-e717-8283-e5e8-fcc76b0d712e
.sanfordhealth.org/	1970-01-19 23:16:49	Name: _fbp Value: fb.1.1631233410091.2091364760
.sanfordhealth.org/	1970-01-20 05:52:49	Name: _pin_unauth Value: dWlkPVpETmlZMlV3TmpFdE5UYzNNUzAwWldKaExXSmtPVE10Tnpnd056bG1ZVFE1TlRaaw
usageanalytics.coveo.com/	1970-01-20 05:52:49	Name: visitor Value: 0e670b4c-2d0e-4d9c-9ce3-06ca300f44a8
.twitter.com/	1970-01-20 14:38:25	Name: personalization_id Value: "v1_KkPVgRKvThTPvpJiln5Q5w=="
.sanfordhealth.org/	1970-01-20 05:52:49	Name: _clck Value: 1lcnfzy\|1\|eum\|0
18499.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1981F7471278D2E5200322457FFB222DB8AF541B057095385CB5B7C14B792926FCB43A208B8D10B5C6859F294FEB265160659E2F6D1D6F23037F9004CC1D3117D4C25434F9
.c.bing.com/	1970-01-20 06:28:49	Name: SRM_B Value: 2AF7D53E6B5061E23885C5906A3B6003
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 06:28:49	Name: MUID Value: 2AF7D53E6B5061E23885C5906A3B6003
.c.clarity.ms/	1970-01-19 21:07:14	Name: ANONCHK Value: 0
.linkedin.com/	1970-01-19 21:50:25	Name: UserMatchHistory Value: AQJBHZdk3N5wYQAAAXvNFoVF9CaO0fgDYJ-g1KVMrTZY0PLScOO2cTP-mWaa263sTwJ_Ut0P0sJ3jQ
.linkedin.com/	1970-01-19 21:50:25	Name: AnalyticsSyncHistory Value: AQKThVlAm1rUGwAAAXvNFoVGoI5UdeJr9XcXojYptSjkJRQuGrQFM7bqCSvNRLXKHqw3Lg_DdMSd5gGA-XdhEw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:39:07	Name: bcookie Value: "v=2&96b7491a-6b5c-4d2a-8dec-e352bf79a5e2"
.linkedin.com/	1970-01-19 21:08:39	Name: lidc Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2499:u=1:x=1:i=1631233410:t=1631319810:v=2:sig=AQHvy893o-jRRqukVBp_kiqjv5pJCdxP"
.sanfordhealth.org/	1970-01-19 21:08:39	Name: _clsk Value: g515o4\|1631233410693\|1\|1\|f.clarity.ms/collect
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 14:39:07	Name: bscookie Value: "v=1&20210910002330201e689e-3f0f-492c-89f1-88f7f2b0cb09AQGLLa1maYT8YNs7eE7lQs1qkxXeR0Jw"
.linkedin.com/	1970-01-20 14:36:47	Name: li_gc Value: MTswOzE2MzEyMzM0MTA7MjswMjH0ls+SpKgHJ6i57XTcBC77A9NDJnqb5CPl0B/UNRVJEw==
www.sanfordhealth.org/	1970-01-20 06:28:49	Name: __hstc Value: 239181569.6352e28ada0f29ecc772fdffc20e963d.1631233411302.1631233411302.1631233411302.1
www.sanfordhealth.org/	1970-01-20 06:28:49	Name: hubspotutk Value: 6352e28ada0f29ecc772fdffc20e963d
www.sanfordhealth.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.sanfordhealth.org/	1970-01-19 21:07:15	Name: __hssc Value: 239181569.1.1631233411302
.doubleclick.net/	1970-01-20 06:28:49	Name: IDE Value: AHWqTUm0ap_E0xvhY0cgjsIIAKq8v-4FQQRB0pEaA5EUk6jPnxeX3NpwIcRbwWIE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10083857.fls.doubleclick.net
18499.global.siteimproveanalytics.io
adservice.google.com
adservice.google.de
analytics.twitter.com
api.hubapi.com
assets.sitescdn.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
connect.facebook.net
ct.pinterest.com
dc.services.visualstudio.com
dhan-sana-cdn.azureedge.net
dhanprodfrontend.blob.core.windows.net
extend.vimeocdn.com
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
forms.hubspot.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsleadflows.net
maps.googleapis.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
siteimproveanalytics.com
snap.licdn.com
static.ads-twitter.com
static.cloud.coveo.com
stats.g.doubleclick.net
t.co
track.hubspot.com
usageanalytics.coveo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
www.sanfordhealth.org
www2.sanfordhealth.org
104.244.42.3
104.244.42.69
108.174.10.14
142.250.203.98
143.204.207.4
151.101.0.84
151.101.240.157
151.101.242.109
172.217.168.38
20.84.22.197
206.208.217.193
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:3031::ac43:91b0
2606:4700::6810:5814
2606:4700::6811:43b0
2606:4700::6811:71b0
2606:4700::6811:c9cc
2606:4700::6811:d5cc
2606:4700::6811:eacc
2606:4700::6812:14bf
2606:4700::6812:7034
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:27::cafe:2080
2620:1ec:bdf::60
2620:1ec:c11::200
2a00:1450:400a:801::2002
2a00:1450:400a:801::200a
2a00:1450:400a:802::2008
2a00:1450:400a:803::2002
2a00:1450:400a:803::2003
2a00:1450:400a:803::2004
2a00:1450:400a:808::200e
2a00:1450:4013:c00::9d
2a02:26f0:f3:58f::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f15b:83:face:b00c:0:25de
2a04:4e42:39::84
40.114.241.141
52.142.114.2
52.239.234.100
52.28.224.120
54.161.185.208
00b4e498e234c71b14fba50f7be5190e5361e3a9d8345926b40c553295d2f2a6
01ab8e0408dad7d8230399973a3a3ef3f9df1a995d25f3f86508edfb4fec8e92
04010bcf888f07211603623d130f5c0bb367522026ec7e7c40df800652535b4a
0451aa5fab1b63f58a03c1435e3ae0a73c57c6b3ef584af002c82f8d89050af0
052ae1792f870a73fdf593991e77fe50c472c63fd21055a3697d4b0ab80bec55
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
079f6233681074cca2f4d6a7e3c8aff27053d7af7a111a49e612a2afbb7ac20a
0a48f9d07e25c7044984d2e0d828d06dc37a67d1bbf85f883adf16aabfa454d3
0e0fbcb50f25d7d9fa20b20f7d4bf3e2f006a1205c00f4605fae33b781bf1fff
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134376d0d2e8e3b8333cf504dd9cab6d72bf56387d0230e5ba0d29898961f029
15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133
192a2afe1a290d112ca4157406867c6bc6b65160df7d41a07fa2a566c82f9264
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20330aa955d769c42ecbdb4e1c6208986cbd87e25fbbd258945cfa2b9dc2bf83
23a633212addaecd6edef9a14b775570db16a1484b26d0cd340d27ab82ca0c97
23bfcecbdebbd0141036e613fd3677defae7d220f3da99692023d8915b738540
2b5abbe94295d461adbd4a3a906549b27f1aed104a9ea1e78cf11d7409c99c3f
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
35a5190dd8f31ea8e9d9dc19ecfecfd3a851ddc4fda47009bea8927096f68598
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3adfaa9910b7ffe1cdade00c342d2593833e7cefd9093ce3b5eb5dca8cb59345
3d024ff5523855acc035f44d88b7b87588e1c2b2f20916a04f88677f6963ba76
3f6537f85f71e5ca9672d7cb7d73eebc9cbbbba5233b04ca04f0983d2283ecca
46506590be62fc82707f9ad3183a6e0fd9c114e2500cdf51c85a352a7e298b5d
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
4bf7b4335f93390740535b1e55da9296acbda0b1740ab5d0be17d75cfe32ebfe
4d588eecc20522ade7e98d72df67917c8fcd7c8c6da9e9656179a05417687993
561f2e8d35f0356435d8885fd8895ce8e1908ac26a9c7bcd55e9da3d1d05cc5a
598e96a6f0a7558295ca05cc78d45c9390edc8063c7c42b0d554a4bef8da4c3f
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
679be677a028472f2095e15326628ce2723a76e474bc21df464decd647384b96
68d525dc844915e4d71d79addf52397416bccfe244e7927fb8d9812cd7d0f70f
6b3b975e6e9ade783069e1f994f2407d36f095c5d14b08812e1b438e167d5f12
6c2caca98e591256ef0ae6a2a4f5b57a3f7573338f3daa6dbad35a466748bd4f
71160cdda04762147f200673de4fdd9e120fdb69b2d4fe06bce3cea06f042bce
73d039528c2cdfbd9e836c5f23c999f801caf8746cd8c5789bfec09c697b9c40
7cdb60939b35a66db358feadd63c4155f5a5e26ddcac3b97c392768475264d10
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
80e621a072131135b25b516a71c6340b593b97da33c6f8b5884f5762f9ba8541
80f27052d386aa262173d6b2effdac78a35841ad0af0e7c691b8677170ddd52b
822586c49e7dd3b41a08df641fdb3381b3a5b75cabe56dd47778997515ba0e81
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4e6099a6321789195f5a0d9ed9577c1a9e0f60a8afc6228619dff665d55b2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88c499036f299aafbdcdef6835746230e563a1800997b1c2695e6a3c96a9d3d4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8dcca90a34c687ae293e7d56e8acb7a77f0cf913048173f34d3c03e7ba7a98ae
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b51b457ae61d100ce25adb77071b33a7f5ebc359c30f373e88a9323a4f61d9c
9d28fcb2fbb34e7b870a724af4b0d56e209e88fba258dbeda1ad093f37f09ce9
a29be51bcc039f93f4b9c62a3f77f512b07815494fc6eefcb9f183a53b90e0b5
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a87a192d04d559e1c458e38d51977a3121aa30e67d396022926cad9f1e36cc45
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ba3cfb9182fc7b7d2ab30c1153f4e6e21f956bf88c4ded69c8d8a7da529bfeca
bc78176b4c15aa7ca9293569bc175161863bfc1f145dd5f066a978968ad34760
bf021193a278b56c56741d3699807cb5f631c1e9b10c4c94018554d1c109603a
c0b4500151e7f7dd327f30d9b503b361d8fb59cc68520783306dfa13615283ce
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c31913259475369ec49a9188e2aea68e4adfbbb5beffb2d06f5e0e6b327cc643
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6fb7c4edc2eeb1a0d5c47b17b1038189acd38fa7d07ea58a3432098075bd0d7
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
ca9ae0595c4328fe3d30f7387086778b27d3523c1774882b0e8ef83c5de99267
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6
d6a55dbc4b6340a0234161362dbba78ab92a6751c8a992d97e380a52791aaee0
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcc4d7b5d87c2cacfa9362308b326f65556b56f7ff33166c82d7640df27f1cfa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
eeb11bd521b056e3353924df9585403d013b2ccca5122db56ae4272816bfc349
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f462c03ba3e54ebbd19059133ff2ea90678bdc8de6fbf3fc453d8995b3c3003b
f6b36645ffa991c45e68593f334d71e6aeebba16aeca387778132c51d6e3e987
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd61bfbcd72021f1215cc671f9eddcb260ccafa762d4694963e70f4b12f32225
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.sanfordhealth.org Open in urlscan Pro 2620:1ec:bdf::60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

100 %HTTPS

64 %IPv6

36 Domains

49 Subdomains

41 IPs

6 Countries

2253 kBTransfer

6955 kBSize

38 Cookies

25 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sanfordhealth.org Open in urlscan Pro
2620:1ec:bdf::60 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

100 %
HTTPS

64 %
IPv6

36
Domains

49
Subdomains

41
IPs

6
Countries

2253 kB
Transfer

6955 kB
Size

38
Cookies

117 HTTP transactions
0 data transactions