Submitted URL: https://www2.provisionsgroup.com/e/955473/ys-from-hlth-2022-an-overview-/ctk6g/398171746?h=88LuIN6TIgQg90TUHobN3D8jahTCqadxkY2NwY...
Effective URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Submission: On March 02 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 36 HTTP transactions. The main IP is 35.185.209.134, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is provisionsgroup.com.
TLS certificate: Issued by R3 on January 21st 2023. Valid for: 3 months.
This is the only time provisionsgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.92.120.28 14618 (AMAZON-AES)
4 35.185.209.134 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 141.193.213.11 209242 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
4 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
1 146.75.120.157 54113 (FASTLY)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
1 2600:9000:20e... 16509 (AMAZON-02)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
2 34.107.203.234 396982 (GOOGLE-CL...)
2 2a03:2880:f11... 32934 (FACEBOOK)
36 18
Apex Domain | Subdomains | Transfer
5 luckyorange.com | tools.luckyorange.com — Cisco Umbrella Rank: 11902; settings.luckyorange.com — Cisco Umbrella Rank: 12088 | 87 KB
5 typekit.net | p.typekit.net — Cisco Umbrella Rank: 568; use.typekit.net — Cisco Umbrella Rank: 440 | 123 KB
5 provisionsgroup.com | www2.provisionsgroup.com; provisionsgroup.com | 350 KB
4 linkedin.com | px.ads.linkedin.com — Cisco Umbrella Rank: 361; www.linkedin.com — Cisco Umbrella Rank: 564; px4.ads.linkedin.com — Cisco Umbrella Rank: 6058 | 3 KB
4 wpenginepowered.com | prvgrpprd.wpenginepowered.com | 267 KB
2 facebook.com | www.facebook.com — Cisco Umbrella Rank: 105 | 236 B
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 151 | 136 KB
2 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2425 | 310 B
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 44 | 144 KB
1 oribi.io | cdn.linkedin.oribi.io — Cisco Umbrella Rank: 813 | 368 B
1 twitter.com | analytics.twitter.com — Cisco Umbrella Rank: 628 | 392 B
1 t.co | t.co — Cisco Umbrella Rank: 536 | 377 B
1 zoominfo.com | ws.zoominfo.com — Cisco Umbrella Rank: 4464 | 2 KB
1 licdn.com | snap.licdn.com — Cisco Umbrella Rank: 704 | 5 KB
1 ads-twitter.com | static.ads-twitter.com — Cisco Umbrella Rank: 633 | 15 KB
36 15
Domain Requested by
4 use.typekit.net provisionsgroup.com
4 prvgrpprd.wpenginepowered.com provisionsgroup.com
4 provisionsgroup.com provisionsgroup.com
3 tools.luckyorange.com www.googletagmanager.com
tools.luckyorange.com
2 www.facebook.com provisionsgroup.com
2 settings.luckyorange.com tools.luckyorange.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net provisionsgroup.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com provisionsgroup.com
1 px4.ads.linkedin.com provisionsgroup.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 analytics.twitter.com provisionsgroup.com
1 t.co provisionsgroup.com
1 ws.zoominfo.com provisionsgroup.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 p.typekit.net provisionsgroup.com
1 www2.provisionsgroup.com 1 redirects
36 20
Subject | Issuer | Validity | Valid
provisionsgroup.com | R3 | 2023-01-21 - 2023-04-21 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-18 - 2023-04-18 | a year
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
ads-twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-22 - 2023-08-22 | a year
snap.licdn.com | DigiCert SHA2 Secure Server CA | 2023-02-01 - 2024-01-31 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-01-10 - 2023-03-09 | 2 months
luckyorange.com | Amazon RSA 2048 M01 | 2023-02-27 - 2024-01-16 | a year
zoominfo.com | Cloudflare Inc ECC CA-3 | 2022-04-21 - 2023-04-21 | a year
t.co | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year
*.twitter.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-02-05 - 2024-02-05 | a year
linkedin.oribi.io | Amazon RSA 2048 M01 | 2023-02-24 - 2023-08-06 | 5 months
settings.luckyorange.com | R3 | 2022-12-30 - 2023-03-30 | 3 months

This page contains 4 frames:

Primary Page: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Frame ID: FF9E4D6519FC8B49F637867A83759FBD
Requests: 32 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=857c7ba
Frame ID: 5805918F727064385207345E6B163810
Requests: 3 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=857c7ba
Frame ID: 6876FC6840A5EDA75C388D485EF2C1B1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4D63E8B9D7A75AD6AD6D1FDE4129F6F3
Requests: 2 HTTP requests in this frame

Page Title

Takeaways from HLTH 2022: An Overview - Provisions Group

Page URL History

  1. https://www2.provisionsgroup.com/e/955473/ys-from-hlth-2022-an-overview-/ctk6g/398171746?h=88LuIN6TIgQg90TUHo... HTTP 301
    https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Page Statistics

Requests: 36
HTTPS: 89 %
IPv6: 58 %
Domains: 15
Subdomains: 20
IPs: 18
Countries: 4
Transfer: 1130 kB
Size: 3139 kB
Cookies: 20

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www2.provisionsgroup.com/e/955473/ys-from-hlth-2022-an-overview-/ctk6g/398171746?h=88LuIN6TIgQg90TUHobN3D8jahTCqadxkY2NwYniKJ8 HTTP 301
    https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4109257%26time%3D1677758062076%26url%3Dhttps%253A%252F%252Fprovisionsgroup.com%252Ftakeaways-from-hlth-2022-an-overview%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true&e_ipv6=AQK3CncWbGCtpwAAAYaiLF-fa-ZfXpOzN_Mtz0jU23C85pkew1_LMYuKtb9w8QnH

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Redirect Chain
  • https://www2.provisionsgroup.com/e/955473/ys-from-hlth-2022-an-overview-/ctk6g/398171746?h=88LuIN6TIgQg90TUHobN3D8jahTCqadxkY2NwYniKJ8
  • https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
88 KB
21 KB
Document
General
Full URL
https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e0c7e325257b1a476556a821fc25da31985e62287e2ace16e243f49d5bf5737d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 02 Mar 2023 11:54:20 GMT
link
<https://provisionsgroup.com/wp-json/>; rel="https://api.w.org/" <https://provisionsgroup.com/wp-json/wp/v2/posts/4159>; rel="alternate"; type="application/json" <https://provisionsgroup.com/?p=4159>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 1
x-cache-group
normal
x-cacheable
SHORT
x-pingback
https://provisionsgroup.com/xmlrpc.php
x-powered-by
WP Engine

Redirect headers

Connection
keep-alive
Content-Length
130
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Mar 2023 11:54:19 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
max-age=63072000
content-encoding
gzip
expires
Sat, 01 Mar 2025 11:54:19 GMT
location
https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
vary
Accept-Encoding,User-Agent
2de857ae8b8d835ce3d7ebdd24dde2a4.css
provisionsgroup.com/wp-content/cache/min/1/
782 KB
90 KB
Stylesheet
General
Full URL
https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef7087e77d717cc989541eb719f07a9c437e5b7b25be8e39a2254e02180f95e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
last-modified
Mon, 27 Feb 2023 22:33:15 GMT
server
nginx
etag
W/"63fd2fab-c37d1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/
219 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93f2589446c6f026253412008302ffdecb2ed32131a70728925ad9181f564d42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78525
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 02 Mar 2023 11:54:21 GMT
i18n.min.js
prvgrpprd.wpenginepowered.com/wp-includes/js/dist/
10 KB
4 KB
Script
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 19:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
95604
etag
W/"632e0f32-27f6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMPaM7qjGChFDeRo1chpBobYIigCJ557hEz9pzIlYdBCIuTQHwwNCLrDr7DRCQo74JLWwvY8D1SehpKN9EDU47tx04wQFFf%2BdOvFLdKIv%2Bx8EjZNlnlRAmh1JucQBKak25qv9Vi8%2BcHciDC88Sbl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a1971c98a5f2c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
lazyload.min.js
prvgrpprd.wpenginepowered.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 14 Feb 2023 22:52:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
95604
etag
W/"63ec10b7-2063"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tw34xDAu8h1%2F52mU7zrut5watjsQbXGN3LeXoQG0VXS91PkiE4kBxlCbc3Lx27hAkG6IpndiEU5ZY4N4Za7TYVOpRnvbLhCX9gDs3WnFfH5kElsGcdRoLTfg2nfEDK%2Bws8ypQcqW%2BS5h27ooECIL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7a1971ce190a2c20-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
4dd0e5328f6c14cba4de5d1ef3ef53f0.js
provisionsgroup.com/wp-content/cache/min/1/
514 KB
138 KB
Script
General
Full URL
https://provisionsgroup.com/wp-content/cache/min/1/4dd0e5328f6c14cba4de5d1ef3ef53f0.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6a61d5468f1a3d6341ff7e7c0ff879c6060a97d455e94daee791e995ee6788f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
last-modified
Mon, 27 Feb 2023 22:33:16 GMT
server
nginx
etag
W/"63fd2fac-80632"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=swz6prv&ht=tk&f=139.140.175.176&a=697053&app=typekit&e=css
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9MYHBDCMJ2&gtm=45je32r0&_p=134218768&gdid=dZTNiMT&cid=1572586758.1677758062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677758061&sct=1&seg=0&dl=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&dt=Takeaways%20from%20HLTH%202022%3A%20An%20Overview%20-%20Provisions%20Group&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 11:54:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provisionsgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
184 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02d3accb1440be6cea4296c95b4ce646ee4b676c06a5bf492e64a337166d3afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68875
x-xss-protection
0
last-modified
Thu, 02 Mar 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 02 Mar 2023 11:54:21 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7690da7ff64e2d6d83d50e84555271de796dc87c9f079283487cff53274eedf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/
29 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c4d04d2b6a041dde11c80d8332f983a58c1031c663ab4f42230899cb82adf4a7

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
server
nginx
etag
"6aeae62b893768150f3460329dc461358e8ab2f5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29820
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc3585fc68616a1df4514b8652e019b16f7f60402b07456061bdbdecccc6f071

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
l
use.typekit.net/af/2555e1/00000000000000007735e603/30/
30 KB
30 KB
Font
General
Full URL
https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a33128c94dd3c425bc3f4a9ba389a1f3d7a75233e8cb788ea80f8f43a3d68423

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
server
nginx
etag
"09d1a94c81035c62708e0a513ee76d7886d15a25"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
30704
l
use.typekit.net/af/3322cc/00000000000000007735e616/30/
31 KB
31 KB
Font
General
Full URL
https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
19be36b532c3147a005317cbc940c69b7137c7980a462525055393d3cfd20b30

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
server
nginx
etag
"45b6acdd85bc39b5dfc108ace1ad2dbe5fca28ba"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
31620
l
use.typekit.net/af/4de20a/00000000000000007735e604/30/
32 KB
32 KB
Font
General
Full URL
https://use.typekit.net/af/4de20a/00000000000000007735e604/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9e68a48da384399ceeff9848067071cd266d829ae02bd9ca97f3f5f3d6a9fa3c

Request headers

Referer
https://provisionsgroup.com/
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:21 GMT
server
nginx
etag
"59a4b2c03f9b7609599aab6c503269f21dd7d06e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32312
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
26cea47ccefbfba5e147b13e3654d20c6dd820743159fdb5e0c340aeb8fcc2cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
provisions-group-logo.png
prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/03/
16 KB
16 KB
Image
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/03/provisions-group-logo.png
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf1eaa6a2990a73774c97296943598e6654e7fe58b8441a50b26624735e1b2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Apr 2022 19:36:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"62475447-3f41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDKJMXSWxt1EjCShagFSQnnOcX2CbHF0KMDKqKUsWU8Pvcd20k0JxlgF4aqVDjOH3XGOFYJ5StpRPWaTvBIOWrjUJjoh3F99zCwqWcMBcMhspyqRRYxVOarUxVmZ%2BDb%2FAhusMN7SFtJDTJdyReb4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1971cf1b959b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16193
EricThrailkill-Article-Thumbnail2-L1hc.jpg
prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/12/
242 KB
243 KB
Image
General
Full URL
https://prvgrpprd.wpenginepowered.com/wp-content/uploads/2022/12/EricThrailkill-Article-Thumbnail2-L1hc.jpg
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ccba6473bec2ce702c9cf91a2ff4339587fb3a3ee043609fd3ee6e81c57f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Dec 2022 15:02:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63989401-3c8eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wB4EngU0H%2BXYW6Doto6we1r4lWbbMYYdsQA5jEvcf6NHS0TNjuJZwD9i7c5d6VwmCxNRGtStLCwcuSqv9QLUpWNxu13oCfI7%2Fdlb16AhGLirQI3fg0YIQ%2BPeJEew%2BHygycMsS9TFH9Ekxxub%2B9L"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1971cf1b989b8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
248043
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn-etou8220053-HHN
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=21697
accept-ranges
bytes
content-length
4777
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Mar 2023 11:54:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4wqEfTO1Q3YitzlE5wZEtigloBd1kI6WJPaG9jNnFza4IkQcplffkORFdIebTrHvzW9mB6m4FIExOIX1exIMew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
lo.js
tools.luckyorange.com/core/
11 KB
5 KB
Script
General
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XNKDCD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c7a6484f1303a89df4a02740eca5067ce8a288ef697ae00080f2cfab69aabad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:00:20 GMT
content-encoding
gzip
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
3243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4324
last-modified
Tue, 31 Jan 2023 17:16:34 GMT
server
AmazonS3
etag
"2075b89590bf11cc6811b6515dfdb4e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
6OO6cGuwXQhhH2-CoB4vzV0VELCdju-MGEJ2r6xgQcNEBJOYE_pWvQ==
zRMKt2telQiSTK6AQpsl
ws.zoominfo.com/pixel/
2 KB
2 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/zRMKt2telQiSTK6AQpsl
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/4dd0e5328f6c14cba4de5d1ef3ef53f0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
45edfe45779e7eaa2c5732fed460a473ce86d012a7e15fec5d1ff995bbcff9e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7a1971cfba8a2c42-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bootstrap-icons.woff2
provisionsgroup.com/wp-content/themes/pg-marketing-theme/css/fonts/
100 KB
100 KB
Font
General
Full URL
https://provisionsgroup.com/wp-content/themes/pg-marketing-theme/css/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.209.134 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.209.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Request headers

Referer
https://provisionsgroup.com/wp-content/cache/min/1/2de857ae8b8d835ce3d7ebdd24dde2a4.css
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
last-modified
Fri, 01 Apr 2022 19:47:41 GMT
server
nginx
etag
"624756dd-19088"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
102536
adsct
t.co/i/
43 B
377 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=e63c2790-e8d2-4044-a103-f61cf5efa598&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f974409-c7f2-46ad-b433-0e33fb742f0a&tw_document_href=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcxi&type=javascript&version=2.3.29
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
107
date
Thu, 02 Mar 2023 11:54:21 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
a60b9698daa1fc32
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
5b12c69e36655aa50641e823e566735887440a1d783a9932866369a85521ba40
content-length
43
adsct
analytics.twitter.com/i/
43 B
392 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e63c2790-e8d2-4044-a103-f61cf5efa598&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3f974409-c7f2-46ad-b433-0e33fb742f0a&tw_document_href=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzcxi&type=javascript&version=2.3.29
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time
109
date
Thu, 02 Mar 2023 11:54:21 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
1a7ad7bc1ea01c1e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
b33f1b791ad9b6ce2e0080b2f5be6d3981ffaf904b2a1eb341a84f01ac3178e4
content-length
43
token
cdn.linkedin.oribi.io/partner/4109257/domain/provisionsgroup.com/
36 B
368 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/4109257/domain/provisionsgroup.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6a00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
content-encoding
gzip
via
1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
nxCvVrOIWSB2kS4vpsXi9p02SAdHPL43AQ4-v17f4QwLakMKAjcZ_Q==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4109257%26time%3D1677758062076%26url%3Dhttps%253A%252F%252Fprovisionsgroup.com%25...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true&e_ipv6=AQK3CncWbGCtpwAAAYa...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true&e_ipv6=AQK3CncWbGCtpwAAAYaiLF-fa-ZfXpOzN_Mtz0jU23C85pkew1_LMYuKtb9w8QnH
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A16D7DA8D980408989CE14508C0941DE Ref B: FRAEDGE1214 Ref C: 2023-03-02T11:54:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX16X1YWJee9TZSwIEChA==

Redirect headers

date
Thu, 02 Mar 2023 11:54:22 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5A77EB8126BE4596914C1DFAE21333F8 Ref B: FRAEDGE1411 Ref C: 2023-03-02T11:54:22Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4109257&time=1677758062076&url=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&liSync=true&e_ipv6=AQK3CncWbGCtpwAAAYaiLF-fa-ZfXpOzN_Mtz0jU23C85pkew1_LMYuKtb9w8QnH
x-li-proto
http/2
content-length
0
x-li-uuid
AAX16X1VY6c/j4rdq3zPtA==
563413597391239
connect.facebook.net/signals/config/
377 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/563413597391239?v=2.9.97&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d3f0cc8e1eb01034143e23c7ea2e97f6d3af7994e3934504e99b56a68b1106a4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 02 Mar 2023 11:54:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
y1xE4E8jkvk4S4nRwUccYv+mXOQGJIF/hALCGdaHSN/VholltDF8cJy0iw3Yh21YiY75WcsTWI+VclQlKHfWag==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
c6a7ff2f
settings.luckyorange.com/
4 KB
2 KB
Fetch
General
Full URL
https://settings.luckyorange.com/c6a7ff2f
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
b2fd316eafc05e3f64566f84403eb17bb1d0c54e31daec31959139a131c7adaf

Request headers

Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
x-lucky-referrer

Response headers

date
Thu, 02 Mar 2023 11:54:22 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://provisionsgroup.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c6a7ff2f
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://provisionsgroup.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://provisionsgroup.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 02 Mar 2023 11:54:22 GMT
via
1.1 google
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=563413597391239&ev=PageView&dl=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&rl=&if=false&ts=1677758062213&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677758062212.1903287381&it=1677758062081&coo=false&rqm=GET
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://provisionsgroup.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 02 Mar 2023 11:54:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
core.js
tools.luckyorange.com/core/ Frame 5805
205 KB
63 KB
Script
General
Full URL
https://tools.luckyorange.com/core/core.js?v=857c7ba
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=c6a7ff2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
168fcbc07a12214029a524b2c356e9eec68ffc5e0c3ae1673f967f6d5e6c8753

Request headers

Referer
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 28 Feb 2023 18:31:26 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
148977
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
63454
last-modified
Tue, 31 Jan 2023 17:16:35 GMT
server
AmazonS3
etag
"e0425260b8bf1a3e4ff88f1392ccbe6e"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
mKPnjxtGMvLXKjC-r5EU52NFLpHy8JTQ14tYC8n6r3pyQ7zdDEDHKA==
frame.js
tools.luckyorange.com/core/ Frame 6876
57 KB
18 KB
Script
General
Full URL
https://tools.luckyorange.com/core/frame.js?v=857c7ba
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=857c7ba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4000:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
446eb6518cdf4314faab366ccad1d2c006592092014cfe746a9fe669191f02d4

Request headers

Referer
Origin
https://provisionsgroup.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 11:54:24 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
18395
last-modified
Tue, 31 Jan 2023 17:16:34 GMT
server
AmazonS3
etag
"e52b1ab6e871c0ca0e3a2d5d860a18e9"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
uaRojuClpY--FnwwuwVzssr0JRjy-928kywK7BAc2c8uJszIpoGjww==
frame.js
tools.luckyorange.com/core/ Frame 4D63
0
0

/
www.facebook.com/tr/ Frame 4D63
0
51 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://provisionsgroup.com
Referer
https://provisionsgroup.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://provisionsgroup.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 02 Mar 2023 11:54:22 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
145cfc7d-953b-4b9d-a0c0-b76114266f0c
https://provisionsgroup.com/ Frame 5805
0
0
Other
General
Full URL
blob:https://provisionsgroup.com/145cfc7d-953b-4b9d-a0c0-b76114266f0c
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length
0
Content-Type
a9bea1c4-4158-4250-abe5-cf7bae1a93bb
https://provisionsgroup.com/ Frame 5805
22 KB
0
Other
General
Full URL
blob:https://provisionsgroup.com/a9bea1c4-4158-4250-abe5-cf7bae1a93bb
Requested by
Host: provisionsgroup.com
URL: https://provisionsgroup.com/takeaways-from-hlth-2022-an-overview/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3648d85a81501c3a246d6d6225cedbe42b544e0014d2b714428510371b37b376

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length
22873
Content-Type
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9MYHBDCMJ2&gtm=45je32r0&_p=134218768&gdid=dZTNiMT&cid=1572586758.1677758062&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1677758061&sct=1&seg=0&dl=https%3A%2F%2Fprovisionsgroup.com%2Ftakeaways-from-hlth-2022-an-overview%2F&dt=Takeaways%20from%20HLTH%202022%3A%20An%20Overview%20-%20Provisions%20Group&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9MYHBDCMJ2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://provisionsgroup.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 02 Mar 2023 11:54:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://provisionsgroup.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
tools.luckyorange.com
URL
https://tools.luckyorange.com/core/frame.js?v=857c7ba

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| gform object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| pg_ajax function| sprintf function| vsprintf object| gform_i18n object| gf_legacy_multi object| gform_gravityforms object| gf_global object| gf_legacy object| gform_theme_config object| lazyLoadOptions function| LazyLoad function| twq string| _linkedin_data_partner_id function| fbq function| _fbq object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| bb_powerpack object| runtime function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile undefined| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden undefined| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| 
gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields undefined| GFMergeTag undefined| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformInitializeSpinner function| gformRemoveSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input undefined| rgars undefined| rgar object| __core-js_shared__ object| core object| wpo365 undefined| $ function| jQuery number| uidEvent object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp object| twttr function| lintrk boolean| _already_called_lintrk object| LO object| ziws object| LOQ object| _loq

20 Cookies

Domain/Path Name / Value
www2.provisionsgroup.com/ Name: visitor_id955473
Value: 94295224
www2.provisionsgroup.com/ Name: visitor_id955473-hash
Value: c022b7c84073312c3334761d01266e622467f63b2eb1ca7ea0ecb0573e73f88d78868df39cefd1f8a716f3388f8401bac8883996
.provisionsgroup.com/ Name: _ga
Value: GA1.1.1572586758.1677758062
.provisionsgroup.com/ Name: _gcl_au
Value: 1.1.768752318.1677758062
.provisionsgroup.com/ Name: _ga_9MYHBDCMJ2
Value: GS1.1.1677758061.1.1.1677758061.0.0.0
.ws.zoominfo.com/ Name: visitorId
Value: 22a187312c8f2d46c99a800b2c7e748b33c3f5e576ceed34fb6299e6c090be01
.zoominfo.com/ Name: __cf_bm
Value: VBzmeU85dRaVBm5Ek.0RfH.lnnMD9w5ZBGVS7vf5qiM-1677758062-0-ATGQUVQDynzPe2A91vwpeX08m8bNAydvtEG8gKvNAjELxdd67Mvs6IqhZA4NaJOdrzAHQP0AFZzDfF5PeogKm64=
.zoominfo.com/ Name: _cfuvid
Value: NKxhulhNYKa2R6kwXVsX3eB3kwsrj9TKnLsTDWSxDi4-1677758062186-0-604800000
.provisionsgroup.com/ Name: _fbp
Value: fb.1.1677758062212.1903287381
.twitter.com/ Name: personalization_id
Value: "v1_Fc2eGI08vJVD4gtOP6yN1Q=="
.t.co/ Name: muc_ads
Value: 7cc747df-8a3e-4360-a41e-228f6c0ad67b
.linkedin.com/ Name: UserMatchHistory
Value: AQKQHztAhf1TxgAAAYaiLF5syySv63adfSy6laItRe5T_h7CHGuqv9UJQ_wQRb0grSafPR2S8FpTiQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKZAvcaw8xOIwAAAYaiLF5saRsZLpGLKcTDkdk8n2FO1Af5NI6FwClNg5Wpa9GVZWsmcc6q_oZiLvaOJr_saw
.linkedin.com/ Name: bcookie
Value: "v=2&4725b2eb-d701-4db2-80cb-a282d4949f82"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=2930:u=1:x=1:i=1677758062:t=1677844462:v=2:sig=AQHgKlhuUCJO6J723r3_kaYI7pBjkrde"
provisionsgroup.com/ Name: ln_or
Value: eyI0MTA5MjU3IjoiZCJ9
.www.linkedin.com/ Name: bscookie
Value: "v=1&202303021154227f931ef9-3883-4499-88cb-e500bed56322AQGbjtLXSj4VoR7Qmg-1o51SqIMUhVK5"
.linkedin.com/ Name: li_gc
Value: MTswOzE2Nzc3NTgwNjI7MjswMjG7Xtz06URzQITxupfxHfbxISbE0VvOVJmNM7fdQE97mg==
.provisionsgroup.com/ Name: lo-uid
Value: c6a7ff2f-1677758062515-0eaedc2ad5624090
.provisionsgroup.com/ Name: lo-visits
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
