urlscan.io logo urlscan.io
SecurityTrails logo

bonsecoursmercyhealth.cultureamp.com Open in urlscan Pro
34.211.34.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bonsecoursmercyhealth.cultureamp.com/surveys/5ebbf5a7545e17002db17850/communication_designs/5ebbf5a7545e17002db17859
Effective URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a...
Submission: On May 20 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 34.211.34.65, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is bonsecoursmercyhealth.cultureamp.com.
TLS certificate: Issued by Amazon on August 5th 2019. Valid for: a year.
This is the only time bonsecoursmercyhealth.cultureamp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 34.211.34.65 16509 (AMAZON-02)
1 2 2600:9000:204... 16509 (AMAZON-02)
9 52.222.157.221 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
1 54.148.238.126 16509 (AMAZON-02)
1 151.101.114.110 54113 (FASTLY)
1 1 52.222.149.39 16509 (AMAZON-02)
5 52.222.149.76 16509 (AMAZON-02)
2 162.247.242.19 23467 (NEWRELIC-...)
1 75.2.88.188 16509 (AMAZON-02)
24 9
4    34.211.34.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-34-65.us-west-2.compute.amazonaws.com
bonsecoursmercyhealth.cultureamp.com
2    2600:9000:2047:4c00:f:1a8a:e3c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1vmr11cgrgrrj.cloudfront.net
9    52.222.157.221 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-157-221.fra53.r.cloudfront.net
d14ap9xqx3yvr5.cloudfront.net
1    2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
1    54.148.238.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-238-126.us-west-2.compute.amazonaws.com
in.analytics.cultureamp.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    52.222.149.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-39.fra53.r.cloudfront.net
widget.intercom.io
5    52.222.149.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-76.fra53.r.cloudfront.net
js.intercomcdn.com
2    162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-7.nr-data.net
bam.nr-data.net
1    75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
Domain Requested by
9 d14ap9xqx3yvr5.cloudfront.net bonsecoursmercyhealth.cultureamp.com
5 js.intercomcdn.com js.intercomcdn.com
4 bonsecoursmercyhealth.cultureamp.com 1 redirects d14ap9xqx3yvr5.cloudfront.net
2 bam.nr-data.net js-agent.newrelic.com
2 d1vmr11cgrgrrj.cloudfront.net 1 redirects bonsecoursmercyhealth.cultureamp.com
1 api-iam.intercom.io js.intercomcdn.com
1 widget.intercom.io 1 redirects
1 js-agent.newrelic.com bonsecoursmercyhealth.cultureamp.com
1 in.analytics.cultureamp.com d14ap9xqx3yvr5.cloudfront.net
1 sessions.bugsnag.com d14ap9xqx3yvr5.cloudfront.net
24 10

This site contains links to these domains. Also see Links.

Domain
www.cultureamp.com
Subject Issuer Validity Valid
*.cultureamp.com
Amazon		 2019-08-05 -
2020-09-05		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-18 -
2021-05-18		 a year crt.sh
in.analytics.cultureamp.com
Amazon		 2019-09-25 -
2020-10-25		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-06 -
2021-05-07		 a year crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh
*.intercom.com
Amazon		 2020-05-13 -
2021-06-13		 a year crt.sh

This page contains 2 frames:

Primary Page: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Frame ID: 825EB069E507889A05305420D9A1F60D
Requests: 19 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c51c42f1.js
Frame ID: 91583686E677FE08B5AEF8FD8F182B4D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bonsecoursmercyhealth.cultureamp.com/surveys/5ebbf5a7545e17002db17850/communication_designs/5ebbf5a7545e17002db17859 HTTP 302
    https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunicati... Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i

Page Statistics

24
Requests

100 %
HTTPS

20 %
IPv6

7
Domains

10
Subdomains

9
IPs

2
Countries

1766 kB
Transfer

4252 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bonsecoursmercyhealth.cultureamp.com/surveys/5ebbf5a7545e17002db17850/communication_designs/5ebbf5a7545e17002db17859 HTTP 302
    https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://d1vmr11cgrgrrj.cloudfront.net/7834392/css/fonts.css HTTP 302
  • https://d1vmr11cgrgrrj.cloudfront.net/cloud-typography/674562/DD54D08E3754C252F.css
Request Chain 15
  • https://widget.intercom.io/widget/38afd9dceaebb66280bb1e276f21286862b6727a HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sign_in
bonsecoursmercyhealth.cultureamp.com/session/
Redirect Chain
  • https://bonsecoursmercyhealth.cultureamp.com/surveys/5ebbf5a7545e17002db17850/communication_designs/5ebbf5a7545e17002db17859
  • https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.34.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-34-65.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
72ce61f18eeceb290f56b6f2c20b5479e9ac2ec675d8dc3636a7ae6d8849207a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
bonsecoursmercyhealth.cultureamp.com
:scheme
https
:path
/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 20 May 2020 17:00:30 GMT
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
etag
W/"72ce61f18eeceb290f56b6f2c20b5479"
referrer-policy
strict-origin-when-cross-origin
server
nginx
set-cookie
_murmur_session_all=2a56407574b18bc2128976a77bcbe79c; domain=.cultureamp.com; path=/; expires=Wed, 20 May 2020 18:00:30 GMT; secure; HttpOnly
strict-transport-security
max-age=16070400; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
696066cc-b1b3-4cb5-aee6-50700fd71f6e
x-runtime
0.016486
x-xss-protection
1; mode=block

Redirect headers

status
302
date
Wed, 20 May 2020 17:00:30 GMT
content-type
text/html; charset=utf-8
content-length
224
location
https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
b6f9fbf8-bfc3-44e9-b599-3eaa0743d3bf
x-runtime
0.106143
x-xss-protection
1; mode=block
DD54D08E3754C252F.css
d1vmr11cgrgrrj.cloudfront.net/cloud-typography/674562/
Redirect Chain
  • https://d1vmr11cgrgrrj.cloudfront.net/7834392/css/fonts.css
  • https://d1vmr11cgrgrrj.cloudfront.net/cloud-typography/674562/DD54D08E3754C252F.css
122 KB
92 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1vmr11cgrgrrj.cloudfront.net/cloud-typography/674562/DD54D08E3754C252F.css
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:4c00:f:1a8a:e3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f376dd26b82caef837ed5a62fd1a791658a2247adba90fe40f72923067517613

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 03:39:03 GMT
content-encoding
gzip
last-modified
Thu, 26 Jul 2018 06:02:58 GMT
server
AmazonS3
age
48088
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
status
200
x-amz-cf-pop
FRA53
x-amz-cf-id
XBzVG9nKoBSW78MZ4xC2fqNPeROR9Pb5Xes3nxJRmOh0pVqN1r7_AA==
via
1.1 c40ee2288a7db28fefd61c3f2ec7ccd7.cloudfront.net (CloudFront)

Redirect headers

date
Wed, 20 May 2020 17:00:30 GMT
via
1.1 c40ee2288a7db28fefd61c3f2ec7ccd7.cloudfront.net (CloudFront)
last-modified
Thu, 26 Jul 2018 06:06:48 GMT
server
AkamaiNetStorage
x-amz-cf-pop
FRA53
etag
"1b87b4a0d2bd48857fd3328e5e51f142:1564674878"
status
302
x-cache
Miss from cloudfront
content-type
text/html
location
https://d1vmr11cgrgrrj.cloudfront.net/cloud-typography/674562/DD54D08E3754C252F.css
cache-control
must-revalidate, private
x-hco-pid
5
content-length
154
x-amz-cf-id
ndPDmn35u4dsgDbAbU40vyahXacKPV2qMxCB4qiGxeed4tWGm_R7Hw==
expires
Wed, 20 May 2020 17:00:30 GMT
session-0356a57b1a30970fe041.bundle.css
d14ap9xqx3yvr5.cloudfront.net/assets/ 		554 KB
157 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/session-0356a57b1a30970fe041.bundle.css
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d149029aa169ef966baf55d1d5576b7522f889b8ef35687e098be94223eac4fc

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 10:51:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 May 2020 03:02:52 GMT
Server
AmazonS3
Age
22132
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
3x_tYzQ8ODh4NJ8_mf_LONs2bTPvuZwA91tWUUAXGo0Df4W1g53xCg==
bootstrap-529a53649326db49ec7b.bundle.css
d14ap9xqx3yvr5.cloudfront.net/assets/ 		52 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/bootstrap-529a53649326db49ec7b.bundle.css
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6e795d5e53b3ba210a273fa6ef74d3c90e49ee9f2567189f009a40e3524e9d6

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 06:58:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 May 2020 03:02:32 GMT
Server
AmazonS3
Age
36114
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
Vim39KJQEGBiIDHHMUatFxW0exXRoPHefm_KW0bXupODlt2t7eWcsg==
CA-logo-coral-7364c6b3603b0f645d4d868bd7799cdd.svg
d14ap9xqx3yvr5.cloudfront.net/assets/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/images/CA-logo-coral-7364c6b3603b0f645d4d868bd7799cdd.svg
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed2364b10e9d8cbd0c2c060d5b1fc74dd260edec8e91a55c12408161d27d5eed

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 09:50:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 06:59:39 GMT
Server
AmazonS3
Age
25822
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
QJAJbHw4za5D4wgqXUBBzW--jUL6W-pkL9riUN0J1i0YbYQ0qo7EZQ==
google-sign-in-logo-7827183c81a6a4a3493a418db6c731b5.svg
d14ap9xqx3yvr5.cloudfront.net/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/images/google-sign-in-logo-7827183c81a6a4a3493a418db6c731b5.svg
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9b3b0595117a96e8b08ad4c38fe874b58c05b53161fdbc7f3c377cdcb6797de

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 01:54:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 May 2020 06:59:40 GMT
Server
AmazonS3
Age
54335
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
iSdXVr66nLn0i1kOmF9efNj__jtFQh7B9WdtXKn1NzhU2JdFlm75hQ==
commonDll-197176765f414c16ac47.bundle.js
d14ap9xqx3yvr5.cloudfront.net/assets/ 		1 MB
368 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/commonDll-197176765f414c16ac47.bundle.js
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f1cccff0db4ceb16be6de74f3ead0876f13210fcdcc72d5bf541b14900bd3b17

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 04:31:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 May 2020 03:02:33 GMT
Server
AmazonS3
Age
44939
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
l6jjvBM4oQ_fvnMjFAXCDS43j96IGQvIMiRVQhUwhzGksvgGMzfm5g==
session-c89bbf06d6310b08cca0.bundle.js
d14ap9xqx3yvr5.cloudfront.net/assets/ 		1 MB
462 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/session-c89bbf06d6310b08cca0.bundle.js
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc89fb938e49b787de127df65b06b7048a8f4448193f39b2c52b76c0b03044e8

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 10:51:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 May 2020 03:02:53 GMT
Server
AmazonS3
Age
22132
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 0c23bed0dc9f1c700b571cf55c540239.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA53
X-Amz-Cf-Id
KEw6ZPxCoBWUxZe0fQ-WNxdUiAksNCCKbdc3YkDV4tkNlGCi0OrDSA==
OpenSans-Regular-webfont-79515ad0788973c533405f7012dfeccd.woff
d14ap9xqx3yvr5.cloudfront.net/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/fonts/OpenSans-Regular-webfont-79515ad0788973c533405f7012dfeccd.woff
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d14ap9xqx3yvr5.cloudfront.net/assets/session-0356a57b1a30970fe041.bundle.css
Origin
https://bonsecoursmercyhealth.cultureamp.com

Response headers

Date
Wed, 20 May 2020 17:00:32 GMT
Via
1.1 67284fcf464f6f1529cc1e521669622c.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop
FRA53
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
22660
Last-Modified
Wed, 20 May 2020 03:02:40 GMT
Server
AmazonS3
ETag
"79515ad0788973c533405f7012dfeccd"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
iQeS43deM1-o0bI3k-W0Bektb7sAKVNvpKQAEC9UWZdU5WBI4PaQoA==
OpenSans-Semibold-webfont-697574b47bcfdd2c45e3e63c7380dd67.woff
d14ap9xqx3yvr5.cloudfront.net/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/fonts/OpenSans-Semibold-webfont-697574b47bcfdd2c45e3e63c7380dd67.woff
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://d14ap9xqx3yvr5.cloudfront.net/assets/session-0356a57b1a30970fe041.bundle.css
Origin
https://bonsecoursmercyhealth.cultureamp.com

Response headers

Date
Wed, 20 May 2020 17:00:32 GMT
Via
1.1 7f9337ef3a0e409fd3409fbbbcf08744.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Pop
FRA53
X-Cache
Miss from cloudfront
Connection
keep-alive
Content-Length
22908
Last-Modified
Wed, 20 May 2020 03:02:40 GMT
Server
AmazonS3
ETag
"697574b47bcfdd2c45e3e63c7380dd67"
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
ST6-Jm-K4xoKBFj3UawkcT0jprLvcQeHlOzbQtM4JhgEYi3GdNlIUQ==
intercom
bonsecoursmercyhealth.cultureamp.com/my/profile_data/ 		2 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bonsecoursmercyhealth.cultureamp.com/my/profile_data/intercom
Requested by
Host: d14ap9xqx3yvr5.cloudfront.net
URL: https://d14ap9xqx3yvr5.cloudfront.net/assets/session-c89bbf06d6310b08cca0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.34.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-34-65.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-csrf-token
UhvIKc1BWVTmoqFa4sa9vwdHuE2McHLdiSURAKYjFrrqnHYOQlSWmbIlOjKuspOk89vGtOJVeEDv3CE4y2TXuQ==

Response headers

x-runtime
0.005401
date
Wed, 20 May 2020 17:00:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
401
x-permitted-cross-domain-policies
none
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
content-length
2
x-xss-protection
1; mode=block
x-request-id
5612c8d4-30f4-4df8-a4aa-26826aa3af56
amplitude
bonsecoursmercyhealth.cultureamp.com/my/profile_data/ 		2 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bonsecoursmercyhealth.cultureamp.com/my/profile_data/amplitude
Requested by
Host: d14ap9xqx3yvr5.cloudfront.net
URL: https://d14ap9xqx3yvr5.cloudfront.net/assets/session-c89bbf06d6310b08cca0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.34.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-34-65.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
x-csrf-token
UhvIKc1BWVTmoqFa4sa9vwdHuE2McHLdiSURAKYjFrrqnHYOQlSWmbIlOjKuspOk89vGtOJVeEDv3CE4y2TXuQ==

Response headers

x-runtime
0.004984
date
Wed, 20 May 2020 17:00:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
status
401
x-permitted-cross-domain-policies
none
cache-control
no-cache
x-content-type-options
nosniff
strict-transport-security
max-age=16070400; includeSubDomains
content-length
2
x-xss-protection
1; mode=block
x-request-id
9003f058-40a7-4f3d-8526-eb3bca0f8381
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d14ap9xqx3yvr5.cloudfront.net
URL: https://d14ap9xqx3yvr5.cloudfront.net/assets/commonDll-197176765f414c16ac47.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://bonsecoursmercyhealth.cultureamp.com/
Bugsnag-Sent-At
2020-05-20T17:00:31.458Z
Bugsnag-Api-Key
95f1cb4f1a8676b4f3bb524e0133b83c
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

status
202
date
Wed, 20 May 2020 17:00:31 GMT
via
1.1 google
access-control-allow-origin
*
alt-svc
clear
content-length
21
content-type
application/json
login__background--seedling-2645d64eaa455ac54b2638eed0f2e352.jpg
d14ap9xqx3yvr5.cloudfront.net/assets/images/background/ 		388 KB
388 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d14ap9xqx3yvr5.cloudfront.net/assets/images/background/login__background--seedling-2645d64eaa455ac54b2638eed0f2e352.jpg
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.157.221 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-157-221.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfcefed9076f489db5f7d1abbb589b916e96951566aa5d76bde91dd8f345f4a7

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 20 May 2020 04:31:35 GMT
Via
1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
Last-Modified
Wed, 20 May 2020 03:02:42 GMT
Server
AmazonS3
Age
44937
ETag
"2645d64eaa455ac54b2638eed0f2e352"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Connection
keep-alive
X-Amz-Cf-Pop
FRA53
Accept-Ranges
bytes
Content-Length
397315
X-Amz-Cf-Id
qtdMVz5061WKQxNXSyedjqKBJreLBEiiHOPON1tPR3esyUKGMOf5nw==
pageviews
in.analytics.cultureamp.com/incoming_frontend/ 		91 B
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.analytics.cultureamp.com/incoming_frontend/pageviews?api_key=hbq3mkhC9MP7jkuCf6e9nhF2CYzrKpzdjCDK3MEy&modified=1589994031832&data=eyJwYWdlX3Byb3BlcnRpZXMiOiJ7fSIsInRpbWV6b25lX29mZnNldCI6LTEyMCwidGltZXpvbmVfbmFtZSI6IkV1cm9wZS9CZXJsaW4iLCJ0ZF92ZXJzaW9uIjoiMi4xLjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiU2lnbiBpbiB0byBDdWx0dXJlIEFtcCIsInRkX2Rlc2NyaXB0aW9uIjoiU2ltcGxlLCBPcGVuLCBSZWFsLVRpbWUgRGFzaGJvYXJkcyBvZiB5b3VyIEVtcGxveWVlIEVuZ2FnZW1lbnQuIiwidGRfdXJsIjoiaHR0cHM6Ly9ib25zZWNvdXJzbWVyY3loZWFsdGguY3VsdHVyZWFtcC5jb20vc2Vzc2lvbi9zaWduX2luP3JlZGlyZWN0PSUyRnN1cnZleXMlMkY1ZWJiZjVhNzU0NWUxNzAwMmRiMTc4NTAlMkZjb21tdW5pY2F0aW9uX2Rlc2lnbnMlMkY1ZWJiZjVhNzU0NWUxNzAwMmRiMTc4NTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImJvbnNlY291cnNtZXJjeWhlYWx0aC5jdWx0dXJlYW1wLmNvbSIsInRkX3BhdGgiOiIvc2Vzc2lvbi9zaWduX2luIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiJ9&callback=TreasureJSONPCallback0
Requested by
Host: d14ap9xqx3yvr5.cloudfront.net
URL: https://d14ap9xqx3yvr5.cloudfront.net/assets/session-c89bbf06d6310b08cca0.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.238.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-238-126.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
93008f281572f991ff53b1bea27578472388367ef4b8efab9ed2a1048f154924

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 20 May 2020 17:00:32 GMT
x-amzn-requestid
c39ed30c-27d5-4911-a41c-cf824124c79d
x-amz-apigw-id
M1xHjFPBPHcFZBQ=
x-amzn-trace-id
Root=1-5ec56230-6c26bd8fddd81650161c2d1f
content-length
91
content-type
application/javascript
nr-1167.min.js
js-agent.newrelic.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: bonsecoursmercyhealth.cultureamp.com
URL: https://bonsecoursmercyhealth.cultureamp.com/session/sign_in?redirect=%2Fsurveys%2F5ebbf5a7545e17002db17850%2Fcommunication_designs%2F5ebbf5a7545e17002db17859
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 17:00:31 GMT
content-encoding
gzip
x-amz-request-id
9F168BA697B778D0
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by
cache-hhn4037-HHN
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1589994032.931579,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
14475
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/38afd9dceaebb66280bb1e276f21286862b6727a
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
827e3e597d709249e3e9667d83a40000fdf2550b249790de7b5c1b810aaf88e6

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 16:57:30 GMT
content-encoding
gzip
age
183
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2849
last-modified
Wed, 20 May 2020 00:08:06 GMT
server
AmazonS3
etag
"87a5d844dab01451e54fa87925a06972"
content-type
application/javascript; charset=UTF-8
via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
UrYC5rjp8DmyqDjfyKuMxRKdheP9hKQET23OFsOZpt20RT9xLF9XMw==

Redirect headers

date
Tue, 19 May 2020 09:50:57 GMT
via
1.1 c483a0db2609b3ac0bb94a739fe72cc7.cloudfront.net (CloudFront)
server
AmazonS3
age
112175
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA53
content-length
0
x-amz-cf-id
7XGfBshyCQT4fkkeinmtk2dp5S1XsxltGRDs6ghohuFe7n1zivqZPA==
b482578c7f
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/b482578c7f?a=84446453&v=1167.2a4546b&to=dltfTUJWXgldR05CB0ZHWFZeSh0LXUI%3D&rst=5727&ref=https://bonsecoursmercyhealth.cultureamp.com/session/sign_in&ap=15&be=4430&fe=5576&dc=5200&perf=%7B%22timing%22:%7B%22of%22:1589994026260,%22n%22:0,%22r%22:0,%22re%22:3989,%22f%22:3989,%22dn%22:3989,%22dne%22:3989,%22c%22:3989,%22ce%22:3989,%22rq%22:3990,%22rp%22:4196,%22rpe%22:4367,%22dl%22:4199,%22di%22:5199,%22ds%22:5200,%22de%22:5218,%22dc%22:5542,%22l%22:5576,%22le%22:5590%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=4601&fcp=4601&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
frame-modern.c51c42f1.js
js.intercomcdn.com/ Frame 9158 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.c51c42f1.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
076bce87cbb70d128082b3a0feb2d003e697af189d1f8016d773a8e98b4d05e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 16:23:42 GMT
content-encoding
gzip
age
2241
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
62657
last-modified
Wed, 20 May 2020 00:03:20 GMT
server
AmazonS3
etag
"9fdcce434f8d354fd63b5ecbc77b2ac4"
content-type
application/javascript; charset=UTF-8
via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
liidBpCo-MVAJQOzStk2rUx0n4rCOmpQEyStrmHM3U_XNjWFSTePSg==
vendor-modern.3b58d983.js
js.intercomcdn.com/ Frame 9158 		166 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.3b58d983.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e5fd2c7afcb38c4fc47d19390d4dae21dbd2cdb8c53e9293b38f63a3b4094f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 16:48:33 GMT
content-encoding
gzip
age
722
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
51250
last-modified
Fri, 15 May 2020 19:17:57 GMT
server
AmazonS3
etag
"4015bb38f401d5851b9f53faf3ceaa65"
content-type
application/javascript; charset=UTF-8
via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
17Du-XPzGhn8VDe5jGMdE8t7kgHiL_hKKOebcnAughc_LOHUBSYEGw==
ping
api-iam.intercom.io/messenger/web/ Frame 9158 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c51c42f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c886052ee3ab8b1f299698db0da61d95b8f94f939c87666d80541044a16f26fc
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 20 May 2020 17:00:32 GMT
content-encoding
gzip
x-ami-version
ami-0a92b9c70d98a4723
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000s6nmmtn08nj9tfftg
x-runtime
0.328349
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"c886052ee3ab8b1f299698db0da61d95"
x-ratelimit-remaining
19941
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bonsecoursmercyhealth.cultureamp.com
x-intercom-version
c67c7dfab051d5db66cc95ab956952ccfe234331
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1589994060
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
vendors~app-modern.6e0e18b7.js
js.intercomcdn.com/ Frame 9158 		247 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.6e0e18b7.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c51c42f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ae61c6d236d856999ac097054f61cbe4e79151d4ea4c00aeac09526fa76b5ac

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 15:42:39 GMT
content-encoding
gzip
age
5371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
76996
last-modified
Wed, 20 May 2020 00:03:21 GMT
server
AmazonS3
etag
"55abbb47a3f0803aba8efd9891602bb9"
content-type
application/javascript; charset=UTF-8
via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
YHtysyy5y5lXTlw9VixCaSUiU_h4ZqIxe06BDBP9kn_e8jrXcPcOtQ==
app-modern.37080ae0.js
js.intercomcdn.com/ Frame 9158 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.37080ae0.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c51c42f1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.222.149.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-149-76.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96cbc542207aff20bbc763c63e00c2290707a0f98e4d486118db84c5f4f45124

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 20 May 2020 15:42:39 GMT
content-encoding
gzip
age
5371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
19153
last-modified
Tue, 19 May 2020 21:22:13 GMT
server
AmazonS3
etag
"04ac181e62a3f94a16b8e203bc4212b4"
content-type
application/javascript; charset=UTF-8
via
1.1 b8b7a48d4425abc8f20c14956fccf2e5.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA53
accept-ranges
bytes
x-amz-cf-id
9GSPZw5UjPpxWJgHO26hYAZEizTqc4fI5OKnVgIFlRIGF-Y-LNjMMg==
b482578c7f
bam.nr-data.net/events/1/ 		24 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/b482578c7f?a=84446453&v=1167.2a4546b&to=dltfTUJWXgldR05CB0ZHWFZeSh0LXUI%3D&rst=15726&ref=https://bonsecoursmercyhealth.cultureamp.com/session/sign_in
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://bonsecoursmercyhealth.cultureamp.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://bonsecoursmercyhealth.cultureamp.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| AUTH_TOKEN string| ACTION string| COMPONENT string| CONTROLLER string| LOCALE string| resourceBaseUrl object| NREUM object| newrelic function| __nr_require object| treasureDataSettings function| commonDll object| CultureAmp function| bugsnag object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| jQuery112405750083231700769 object| BrowserDetect boolean| ie boolean| firefox object| $window object| $document object| $body boolean| TOUCH_DEVICE boolean| showAjaxSpinner function| applyFocusVisiblePolyfill object| __SVG_SPRITE__ object| JSON3 object| React function| _ boolean| enableBugsnag object| bugsnagClient function| dismissPopovers function| Intercom object| intercomSettings function| TreasureJSONPCallback0

3 Cookies

Domain/Path Name / Value
.cultureamp.com/ Name: __td_signed
Value: false
.cultureamp.com/ Name: _td
Value: 941394fa-e8d7-4490-8732-e955c7328b8f
.cultureamp.com/ Name: _murmur_session_all
Value: 2a56407574b18bc2128976a77bcbe79c

1 Console Messages

Source Level URL
Text
console-api debug URL: https://d14ap9xqx3yvr5.cloudfront.net/assets/commonDll-197176765f414c16ac47.bundle.js(Line 2)
Message:
[bugsnag] Loaded!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
bam.nr-data.net
bonsecoursmercyhealth.cultureamp.com
d14ap9xqx3yvr5.cloudfront.net
d1vmr11cgrgrrj.cloudfront.net
in.analytics.cultureamp.com
js-agent.newrelic.com
js.intercomcdn.com
sessions.bugsnag.com
widget.intercom.io
151.101.114.110
162.247.242.19
2600:1901:0:7a0b::
2600:9000:2047:4c00:f:1a8a:e3c0:21
34.211.34.65
52.222.149.39
52.222.149.76
52.222.157.221
54.148.238.126
75.2.88.188
076bce87cbb70d128082b3a0feb2d003e697af189d1f8016d773a8e98b4d05e3
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
2ae61c6d236d856999ac097054f61cbe4e79151d4ea4c00aeac09526fa76b5ac
33c3bf91a25c2b7a355ab82043af5b30efd739892586c6fef51a740c1429265d
40e5fd2c7afcb38c4fc47d19390d4dae21dbd2cdb8c53e9293b38f63a3b4094f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
72ce61f18eeceb290f56b6f2c20b5479e9ac2ec675d8dc3636a7ae6d8849207a
827e3e597d709249e3e9667d83a40000fdf2550b249790de7b5c1b810aaf88e6
93008f281572f991ff53b1bea27578472388367ef4b8efab9ed2a1048f154924
96cbc542207aff20bbc763c63e00c2290707a0f98e4d486118db84c5f4f45124
c886052ee3ab8b1f299698db0da61d95b8f94f939c87666d80541044a16f26fc
c9b3b0595117a96e8b08ad4c38fe874b58c05b53161fdbc7f3c377cdcb6797de
d149029aa169ef966baf55d1d5576b7522f889b8ef35687e098be94223eac4fc
d6e795d5e53b3ba210a273fa6ef74d3c90e49ee9f2567189f009a40e3524e9d6
dfcefed9076f489db5f7d1abbb589b916e96951566aa5d76bde91dd8f345f4a7
ed2364b10e9d8cbd0c2c060d5b1fc74dd260edec8e91a55c12408161d27d5eed
f1cccff0db4ceb16be6de74f3ead0876f13210fcdcc72d5bf541b14900bd3b17
f376dd26b82caef837ed5a62fd1a791658a2247adba90fe40f72923067517613
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
fc89fb938e49b787de127df65b06b7048a8f4448193f39b2c52b76c0b03044e8